I have a customer who is justifiably concerned about staying up with Windows updates on all their machines.
Often, they get messages that say an update failed but will be tried again (but when?). And, when did it fail?
This is important because most of these computers MUST have DCOMCNG setting: Default Properties / Default Authentication Level set to NONE instead of the Windows default of CONNECT.
Now, we know that Windows updates won't happen with it set to NONE. So, I've written scripts to switch it at midnight (to CONNECT) and at 8am (to NONE). Perhaps I could open that window in time a bit and start at 8pm instead of midnight.
This raises two questions:
1) can the message "will try again" be relied on and the updates be done in a timely manner? Do you experience this same thing with the DCOM set to CONNECT all the time? Is it a matter for concern?
2) is there a way to know or control when the updates will be attempted? During the working day seems untoward. The old 3am time seems to have gone out the window altogether.