1

I have a virtual lab where I manage several 2012R2 servers. On each machine windows update is configured to install updates automatically. I am often not on those machines for weeks at a time. When I do log-in, they almost always are telling me I need to reboot to complete the updates.

How can I configure the servers to just reboot themselves automatically after updates are completed?

There are no shared folders. I do not think there are clients running at night. On some servers SQL Server is installed, but not on most. People can only login via RDP.

Here is a screenshot of all the groups:

enter image description here

EDIT:

I am going to try creating a basic task that will restart the computer every Sunday at 4 am.

How to set up a scheduled reboot

enter image description here

ADH
  • 141
  • 7
  • As far as I know, the server would reboot if no MSSQL are running and if no users are remotely logged in to it. Not sure if it applies even in remote smb connections and open files. Then, if you've set to install updates at - say - 3am, the server will reboot if he can, or will ask you to do so the first time you log back in. You have control over these variables. I'd start creating a GPO to disconnect users from remote sessions if they've been idle since "x". Then check back how it's going on at next patch Tuesday. If you provide more details of this virtual lab I may be more precise. – Marco Aug 20 '17 at 01:44
  • @Marco What else do you need to know? I am not on Active Directory so I would have to set-up a local group policy. I have never done that before. – ADH Aug 21 '17 at 14:19
  • What roles are installed on this server? You have shared folders? During nighttime there are running clients? SQL Server installed? Does people usually login in either locally or remotely on this server via console or RDP? – Marco Aug 21 '17 at 17:37
  • I updated the question. – ADH Aug 22 '17 at 10:20
  • I basically agree with @Mike1980's answer. I'd just try to set a local policy dropping idle remote sessions to check if WU restores his normal resetting after updates behavior, before going for the scripting solution. Also please note that Microsoft releases its updates the second Tuesday of each month, so a weekly Sunday reboot has not much sense. https://technet.microsoft.com/en-us/library/cc754272(v=ws.11).aspx – Marco Aug 22 '17 at 10:45
  • I found instructions for dropping idle sessions. What kind of time limit makes sense to you? https://technet.microsoft.com/en-us/library/ee791886(v=ws.10).aspx – ADH Aug 23 '17 at 09:34
  • 30 minutes will be fine. Lowering this may result In dropping connections of ppl that just were out for a coffee. – Marco Aug 23 '17 at 09:39

1 Answers1

3

You shouldn't need to use a scheduled task to install Windows Updates.

If your have Active Directory in your virtual lab you can configure Windows Updates using a group policy, and configuring the updates to "Auto download and schedule the install".

If you don't have Active Directory you can do the same as you can using a GPO, but using the local group policy, or editing the registry

Last, but not least if you're set on using a scheduled task, there's a PowerShell module called PSWindowsUpdate which can do the job using

Get-WUInstall -AcceptAll -AutoReboot

If you add that command to a powershell script, and then run your scheduled task using -file as a parameter to powershell.exe in your scheduled task it should install the updates and restart at your desired time.

Mike1980
  • 1,018
  • 7
  • 15
  • +1, as the other way the OP told, a scripted task to reboot, can be dangerous if the update isnt finished to restart in the middle of an action. – yagmoth555 Aug 20 '17 at 13:52
  • @yagmoth555 Thanks, I was wondering what was so bad about scripting a task to reboot. – ADH Aug 21 '17 at 14:06
  • I will look into the local group policy solution and let you know. – ADH Aug 21 '17 at 14:07
  • The instructions are telling me to click Wuau.adm in the Windows\Inf folder, but the file is not there. – ADH Aug 21 '17 at 14:10
  • Try installing the administrative templates. https://www.microsoft.com/en-gb/download/details.aspx?id=41193 – Mike1980 Aug 22 '17 at 06:56
  • I installed the templates. The Wuau.adm file is still missing. – ADH Aug 23 '17 at 09:14
  • I did find a windowsupdate.adml file, maybe I can use that. – ADH Aug 23 '17 at 09:21
  • Okay, I found the Wuau.adm file with this download. https://www.microsoft.com/en-us/download/details.aspx?id=18664 – ADH Aug 23 '17 at 09:23
  • I configured automatic updates and disabled the automatic reboot. I will mark this as the answer when I know it's working. – ADH Aug 23 '17 at 09:28