Solved

WSUS Group Policies on company laptops

Posted on 2010-09-23
6
476 Views
Last Modified: 2012-05-10
Hi,
We've recently implemented WSUS in our office to get all the desktops and laptops up to date.  There is a group policy in place.

The updates are working.  The only problem is there are some people have never installed updates since they've been here, and it's installing 100 updates, and locking up their computer for 2 hours if they reboot.  I realize that this will all be cleared up once they're up to date.

The other dilemma is that the downloads are scheduled for 11PM, and most people that have laptops, have them turned off at 11PM, so it seems as if the updates aren't downloading.  Also certain users are trying to shut down their laptops to go home, and Windows is making them wait to install updates.

What would you suggest to be a good strategies for these problems?
Thanks,
Jamie
0
Comment
Question by:jamorlando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 7

Assisted Solution

by:myhc
myhc earned 83 total points
ID: 33748720
could try adding "wuauclt.exe /detectnow" to the login script. this forces an update now... so laptops will start to update as soon as they login.
never tried it myself. Would be worth a test.
0
 
LVL 22

Assisted Solution

by:Joseph Moody
Joseph Moody earned 83 total points
ID: 33748734
1. Don't approve all of the updates at once. Instead, approve a dozen or so a week for deployment. Not as safe as doing it all at once but more user friendly.
 
2. If a computer misses an update check, it will automatically check when the computer first turns on.
 
3. Configure laptops to "Do Nothing" when the laptop is closed. This way, a user can pack the laptop away and it will continue to install updates until it is finished.
0
 
LVL 21

Accepted Solution

by:
snusgubben earned 84 total points
ID: 33748745
You could approve only 25 updates. When all users have them approve 25 more. This is not very efficient, so I would tell the users that "sorry, you really need these patches" and approve all. This is a "one time event".

I have set the installation time when I know most users are having lunch.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 

Author Comment

by:jamorlando
ID: 33748766
Lunch time is a good idea for download time.  I like that.

I've approved all the updates right now and try to assure people that these are the growing pains, and that the only reason all these updates are installing now is because they weren't installing updates when they had control to.

I'll look into adding the detectnow to the logon script.
Thanks!
0
 

Author Closing Comment

by:jamorlando
ID: 33801312
no
0
 

Author Comment

by:jamorlando
ID: 33801318
Ignore the "no" .. thanks guys!
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Is your Office 365 signature not working the way you want it to? Are signature updates taking up too much of your time? Let's run through the most common problems that an IT administrator can encounter when dealing with Office 365 email signatures.
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
This tutorial will walk an individual through the process of transferring the five major, necessary Active Directory Roles, commonly referred to as the FSMO roles to another domain controller. Log onto the new domain controller with a user account t…
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question