Recommendations for GPO Windows Updates of Managed Servers

I am reviewing my processes and policies for managing multiple Servers across multiple sites/clients.

I am curious to see how others manage servers for Microsoft Updates, specifically the GPO settings used in conjunction with manual execution.

For Example, do you set updates to Download and Schedule install for 3am on a Sunday and let the server reboot when required? Alternatively do you set to download only and have better control over reboot times etc.?

Pros and Cons .....
Who is Participating?
DonNetwork AdministratorCommented:
These should help you

Best Practices with Windows Server Update Services 3.0

Managing the WSUS Automatic Updates Client Download, Install, and Reboot Behavior with Group Policy

WSUS GPO Settings for the real world  <<<good explanations here
Cliff GaliherCommented:
I don't use WU/MU to manage servers. WSUS in some cases, in which case a scheduled install is fine, because I can still control that install time through the approval process...and I don't use auto-approval rules on servers either.

For multiple sites or clients, however, nothing beats a good patch management package, usually integrated with other RMM tools as well. PacketTrap, LabTech, GFIMax are all highly respected in this field. Heck, evne MS is getting in on the action with MS InTune. There is just not a reason to use WU/MU to manage servers as the lack of control makes losing a server at an inopportune time way too likely.

FlippAuthor Commented:
Thank you.
Instead of allowing automatic updates to install all the patches on your servers, it is always better and safe to test them on few machines before you roll out to all the servers. SCCM has this capability of approving patches prior to bulk deployment If you are looking for a simple tool to manage you patch deployments, you can try this:
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.