Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

WSUS Group Policies on company laptops

Posted on 2010-09-23
6
Medium Priority
?
488 Views
Last Modified: 2012-05-10
Hi,
We've recently implemented WSUS in our office to get all the desktops and laptops up to date.  There is a group policy in place.

The updates are working.  The only problem is there are some people have never installed updates since they've been here, and it's installing 100 updates, and locking up their computer for 2 hours if they reboot.  I realize that this will all be cleared up once they're up to date.

The other dilemma is that the downloads are scheduled for 11PM, and most people that have laptops, have them turned off at 11PM, so it seems as if the updates aren't downloading.  Also certain users are trying to shut down their laptops to go home, and Windows is making them wait to install updates.

What would you suggest to be a good strategies for these problems?
Thanks,
Jamie
0
Comment
Question by:jamorlando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Assisted Solution

by:myhc
myhc earned 332 total points
ID: 33748720
could try adding "wuauclt.exe /detectnow" to the login script. this forces an update now... so laptops will start to update as soon as they login.
never tried it myself. Would be worth a test.
0
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 332 total points
ID: 33748734
1. Don't approve all of the updates at once. Instead, approve a dozen or so a week for deployment. Not as safe as doing it all at once but more user friendly.
 
2. If a computer misses an update check, it will automatically check when the computer first turns on.
 
3. Configure laptops to "Do Nothing" when the laptop is closed. This way, a user can pack the laptop away and it will continue to install updates until it is finished.
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 336 total points
ID: 33748745
You could approve only 25 updates. When all users have them approve 25 more. This is not very efficient, so I would tell the users that "sorry, you really need these patches" and approve all. This is a "one time event".

I have set the installation time when I know most users are having lunch.
0
Creating Active Directory Users from a Text File

If your organization has a need to mass-create AD user accounts, watch this video to see how its done without the need for scripting or other unnecessary complexities.

 

Author Comment

by:jamorlando
ID: 33748766
Lunch time is a good idea for download time.  I like that.

I've approved all the updates right now and try to assure people that these are the growing pains, and that the only reason all these updates are installing now is because they weren't installing updates when they had control to.

I'll look into adding the detectnow to the logon script.
Thanks!
0
 

Author Closing Comment

by:jamorlando
ID: 33801312
no
0
 

Author Comment

by:jamorlando
ID: 33801318
Ignore the "no" .. thanks guys!
0

Featured Post

Office 365 Training for IT Pros

Learn how to provision tenants, synchronize on-premise Active Directory, implement Single Sign-On, customize Office deployment, and protect your organization with eDiscovery and DLP policies.  Only from Platform Scholar.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Did you know that more than 4 billion data records have been recorded as lost or stolen since 2013? It was a staggering number brought to our attention during last week’s ManageEngine webinar, where attendees received a comprehensive look at the ma…
Here's a look at newsworthy articles and community happenings during the last month.
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

721 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question