Join Log in
Score:2
juan_more_bitcoin avatar Server

Windows Update fallback plan when system is powered off?

au flag
juan_more_bitcoin

Background

I have a Windows domain consisting of ten Windows 2022 servers and five Windows 11 Hyper-V VMs. The servers live at AWS. The Windows 11 VMs live on various laptops.

I want to implement a reliable Windows Update strategy.

What I Want

My preference is for downloading to take place automatically in the background, and for installations and subsequent reboots (if necessary) to take place at or around 3:00 am each morning.

In the event that a computer is powered off at 3:00 am I'd like the updates to install automatically at either (a) the next startup or (b) the next shutdown.

What's Actually Happening

Servers are successfully updating and rebooting as planned at 3:00 am.

The laptops and their contained Hyper-V VMs are downloading the updates in the background, but those updates are never installed since the VMs are always powered off at 3:00 am. The updates queue up but are never applied.

Shutting down and/or restarting these VMs does nothing to trigger the installation. The update can only be performed by manually logging in to each VM and clicking the Install Now button on the Windows Update setup screen.

What I've Tried

Since I desire to manage the update policy in a single place, I'm using GPOs. The Windows update GPO for the domain is configured as follows:

Only two policies are enabled: "Configure Automatic Updates" and "Always automatically restart at the scheduled time."

Screenshot: Policies Enabled

The "Configure Automatic Updates" policy is set to (4) Auto download and schedule the install, Every day, 3:00 am.

Screenshot: Configure Automatic Updates

The "Always automatically restart at the scheduled time" policy is set to fifteen minutes.

Screenshot: Always automatically restart

The final thing I've tried is turning on "Get me up to date" on each of the Windows VMs, which claims to 'restart as soon as possible (even during active hours)."

Screenshot: Get me up to date

No luck with that either. Any ideas of how I get can get these updates to install in an automated way at either startup or shutdown when the machines in question are powered down during the 'official' 3:00 am update time?

37
0 + 0
djdomi avatar
za flag
djdomi
Do you turn off the VMS at 3, but want also to install it, at the same time? Nope, Sir, That will not work with a Single GPO. You have to create a separate one and place the VMS inside there. you should do the same with servery.
0
Reply
juan_more_bitcoin avatar
au flag
juan_more_bitcoin
@djdomi No, the VMs are typically shutdown at around 5:00pm or so, along with the laptops that contain those VMs. Then they're restarted at maybe 9:00 the following day. So are you suggesting creating a separate policy for the laptop VMs wherein the scheduled installation time is some time during the day when I know they'll be on (e.g. 3:00pm)?
0
Reply
djdomi avatar
za flag
djdomi
Microsoft claims that a usual update for a client takes 8 hours to finish. calculate this time where the start should be
0
Reply
ธงชาติไทย
Elon Musk
I sit in a Tesla and translated this thread with Ai:

mangohost

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.