0

When a system is working on Windows Updates that require a reboot, at a certain stage it will kick RDP sessions and new RDP sessions will immediately be bounced back. But, I've also seen other (mystery) cases where new RDP sessions are kicked immediately in the same fashion.

What I'm hoping to find is a way to tell via PowerShell (via SSH, remoting, virsh/IPMI console, or ansible) that a host is in this sort of "you can't RDP because we're applying Windows Updates in preparation for a reboot" state.

I've looked at various Windows Update related status objects in PowerShell but I've been unable to find one that can confirm "yes the machine is in this state so your RDP not working is expected".

Bonus points if there's also some way to confirm that progress is truly being made on the work (and that it's not stuck and needing a forced reboot).

Daniel Jennings
  • 101
  • 2
  • 1
    Next time you encounter a direct bounce back I would note the time and later check Windows event log for the noted time what events were recorded. May be you then get a better understanding of the state of the server and how to query or identify this state. – Robert May 11 '22 at 21:16

1 Answers1

0

There is a PendingReboot powershell module that will test for that condition. It should help you develop a script that will do what you need.

https://www.powershellgallery.com/packages/PendingReboot/0.9.0.6

This article may help you on your way.

https://lazyadmin.nl/it/how-to-stop-automatic-restart-win-10-after-installing-updates/

Mr Cholmondley Warner
  • 13
  • 5
  • Thanks but that module seems to tell you that a pending reboot is required, not that one is actually in-progress. For example it says that a reboot is pending when the system is just sitting there waiting for reboot and also while it's working on rebooting (e.g. the time that it kicks you from RDP if you try to connect). – Daniel Jennings May 11 '22 at 19:13
  • @DanielJennings: a restart should only be "in progress" for a few seconds before the pending status is changed. Additionally, if a restart is pending, remote connections (such as PowerShell) may also be unreliable. – Greg Askew May 11 '22 at 19:27
  • @DanielJennings: I think you would need to query the RD Connection Broker for the availability of the remote desktop to get this information (availability, not that the computer is updating, don't know how to query that either!), as it is probably the connection broker that is kicking the session when the remote host is unavailable. Not sure quite what you would need to query for in your circumstances. See if this helps you: https://docs.microsoft.com/en-us/powershell/module/remotedesktop/get-rdvirtualdesktop?view=windowsserver2016-ps – Mr Cholmondley Warner May 11 '22 at 20:02
  • @GregAskew With the most recent round of Window Server 2019 LTSC updates we're seeing it frequently doing something for ten+ minutes where RDP is unavailable but SSH remoting works fine. Haven't had graphical terminal access yet to an affected machine to know what UI is being presented there, but it's clearly in some sort of preparing-to-reboot state that rejects RDP. Possibly updates to the RDP Server were included in a recent security patch or something? – Daniel Jennings May 11 '22 at 20:54