Some severs rebooting even though GPO No Auto Restart is enabled

Discussion in 'Update Services' started by Fulvio, Jan 13, 2006.

  1. Fulvio

    Fulvio Guest

    Hi all,

    I have used WSUS to patch a group of servers and have had different
    responses on the server behaviour. Some servers have behaved as they should
    have, they downloaded and installed the patch but not rebooted as per GPO
    setting.
    Other servers in the same OU/WSUS Group have rebooted after the installation
    of patches.
    Looking at the registry keys the setting is called:
    NoAutoRebootWithLoggedOnUsers.
    So the only thing I can think of is that there was no user logged on at the
    time of the installation unlike my other boxes. I have two questions;

    1) Can anybody confirm this for me?

    2) IF you can confirm, is it possible to configure the servers not to reboot
    even when no user is logged on?

    Many Thanks
    Fulvio
     
    Fulvio, Jan 13, 2006
    #1
    1. Advertisements

  2. In brief - if your servers run mission-critical applications and need to be
    available at all times then you MUST set AU Options to 3, not 4 like you
    have it now. The whole "don't reboot with logged on user" thing is an
    accident waiting to happen on servers since you can't guarantee that someone
    is logged on at the console at any given time. So - change your GPO
    settings to distinguish between servers and workstations. Set workstations
    to AU Option 4 (auto reboot) and leave servers at AU Option 3 (download and
    prompt for install). This will require manual intervention on your part...
    but it's much better than the alternative.
     
    Jeff Centimano [MVP - Windows Server], Jan 13, 2006
    #2
    1. Advertisements

  3. Fulvio

    Fulvio Guest

    Hi Jeff,

    Thanks for your reply and I appreciate your suggestion, but I did not ask
    "How to confgure my servers".
    I know that option 3 is available, I was just trying to uderstand the No
    Autoreboot setting a little better.
    I have now tested it and can confirm that if the machine has a user logged
    on it does NOT reboot, if it hasn't it does reboot.
    Having said that, Does anybody know if there is a way of configuring AU so
    it does not reboot when no user is logged on?

    Thanks

    Fulvio
     
    Fulvio, Jan 17, 2006
    #3
  4. Fulvio

    Dave Mills Guest

    There is not. Use Option 3 is the only way.
     
    Dave Mills, Jan 17, 2006
    #4
  5. NO.... there is NO way to do this. It's beyond the design specifications of
    the Automatic Updates client, and the Windows Server Update Services server.

    The system is designed to install updates, covertly, during non-working
    hours, and promptly reboot the system to ensure /maximum/ protection from
    vulnerabilities (security updates) and instabilities (critical updates).

    What is the point of installing software if you're not going to reboot the
    darn system so that the updates can take effect???

    You might as well NOT install the updates at all!!!
     
    Lawrence Garvin \(MVP\), Jan 18, 2006
    #5
  6. Fulvio

    Fulvio Guest

    Thanks for all your replys.
    To Answer Lawrence, it would make sense to install the patches and control
    the reboot in case of clustered servers. I could install the patches during
    the night and then reboot them individually once taken out of the cluster.
    This would save us a lot of time all we would need to do is to reboot the
    servers instead of installing and reboot as per option 3.
     
    Fulvio, Jan 18, 2006
    #6
  7. Fulvio

    Dave Mills Guest

    It seldom takes more than a minute or two to install the patches.
    Usually about the same as a reboot takes. I'm not a clustering chap
    but I would have thought a partly patched server as a member of the
    cluster was even more dangerous than a partly patched non-clustered
    server.
     
    Dave Mills, Jan 19, 2006
    #7
    1. Advertisements

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments (here). After that, you can post your question and our members will help you out.