WSUS - server updates for servers - suppress reboot
Guys/Gals, I work within a mid size company. We employ WSUS for all WU across PCs and certain servers. We also have GFI Languard at our disposal.
The problem we have is allowing WSUS to push to all servers and the reboot being inconvenient. We have enabled WSUS settings through a GPO and set the timeframe of 0300, on Sunday only.
~~Example:~~
No auto-restart with logged on users for scheduled automatic updates installations = ENABLED.
Configure automatic updating: 4 - Auto download and schedule the install.
Scheduled install day: 0 - Sunday.
Reschedule Automatic Updates schedule installations: Disabled.
~~
Through a scheduled task we complete a weekly auto reboot of all servers. Servers are not normally logged in with a user.
I want to avoid the server rebooting outside of this window of Sunday @0300. With the settings above and approving WU to this group of server during the working week.
With the settings above do you think I will avoid any unnecessary reboots during the day?
Can you please also let me know if the following assumption is correct based on the settings above:~~
1. We approve WU within WSUS during weekday
2. Either A or B.
A. Based on above this triggers the servers to download files locally and await scheduled time.
B. Server awaits until SUN@0300 and then downloads files and installs, follow with a reboot if necessary
3. Server should only every reboot because of WSUS on Sun @0300 or later depending on download/install time.
Any feedback in this regard would be most helpful. Thanks in advance for your invaluable time.
The problem we have is allowing WSUS to push to all servers and the reboot being inconvenient. We have enabled WSUS settings through a GPO and set the timeframe of 0300, on Sunday only.
~~Example:~~
No auto-restart with logged on users for scheduled automatic updates installations = ENABLED.
Configure automatic updating: 4 - Auto download and schedule the install.
Scheduled install day: 0 - Sunday.
Reschedule Automatic Updates schedule installations: Disabled.
~~
Through a scheduled task we complete a weekly auto reboot of all servers. Servers are not normally logged in with a user.
I want to avoid the server rebooting outside of this window of Sunday @0300. With the settings above and approving WU to this group of server during the working week.
With the settings above do you think I will avoid any unnecessary reboots during the day?
Can you please also let me know if the following assumption is correct based on the settings above:~~
1. We approve WU within WSUS during weekday
2. Either A or B.
A. Based on above this triggers the servers to download files locally and await scheduled time.
B. Server awaits until SUN@0300 and then downloads files and installs, follow with a reboot if necessary
3. Server should only every reboot because of WSUS on Sun @0300 or later depending on download/install time.
Any feedback in this regard would be most helpful. Thanks in advance for your invaluable time.
Another option available to you through the GPO is that you can set the time to download and install the updates based on your time window. Below is a picture of my GPO for automatic updates. I have it set for everyday at 3am but you do set this to only one day if you like.
1.jpg
1.jpg
Hi,
Extending the solutions above would recommend to move all the servers to NEW OU Eg: Servers and create desired GPO as per the requirement.
Regards
Arun Kumar V
Extending the solutions above would recommend to move all the servers to NEW OU Eg: Servers and create desired GPO as per the requirement.
Regards
Arun Kumar V
ASKER
Guys, thanks for quick response. Currently all servers are in a separate GPO and affected by one WSUS GPO as detailed in image image.
Will my settings avoid unnecessary reboots outside of Sundays at 03:00?
If I approve updates midweek will they download to target group immediately or await scheduled time of Sunday 03:00?
Thanks in advance.
wsus-sample.JPG
Will my settings avoid unnecessary reboots outside of Sundays at 03:00?
If I approve updates midweek will they download to target group immediately or await scheduled time of Sunday 03:00?
Thanks in advance.
wsus-sample.JPG
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thanks for all your reponses.
Great forum.
Great forum.
"Specifies that to complete a scheduled installation, Automatic Updates will wait for the computer to be restarted by any user who is logged on, instead of causing the computer to restart automatically."