none
Approve for removal - update required?

    Question

  • Hi,

    I'm looking into the WSUS "Approve for removal" feature and had a question.  If I approve 2 KBs for removal and do not set a deadline, will a reboot happen automatically?  There's a good chance that the machines will have users logged in, and I would prefer for them to receive a "reboot required" dialog box.

    I apologize if this explanation is not clear.  Thanks for any help!

    Tim

    Thursday, August 21, 2014 7:16 PM

Answers

  • I'm looking into the WSUS "Approve for removal" feature and had a question.  If I approve 2 KBs for removal and do not set a deadline, will a reboot happen automatically?

    If necessary to facilitate the uninstallation, then Yes.

    There's a good chance that the machines will have users logged in, and I would prefer for them to receive a "reboot required" dialog box.

    If they have those privileges, they will; but my question in these scenarios is always this: Why are you doing patch maintenance during working hours in the first place?

    You've already stated this is WITHOUT a deadline, so that tells me your regularly *scheduled* patch installation event is during working hours!

    Frankly, if updates are critical enough to "Approve For Removal", then they ought to have expired deadlines, uninstalled *immediately*, and inconveniencing users should be the least of your worries.

    Which is worse:

    • An uninstallation requiring a reboot with notice, or
    • A BLUE SCREEN caused by a defective patch still installed?

    Which one is more likely to cause catastrophic data loss? :-)


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Friday, August 22, 2014 1:57 AM
    Moderator

All replies

  • I'm looking into the WSUS "Approve for removal" feature and had a question.  If I approve 2 KBs for removal and do not set a deadline, will a reboot happen automatically?

    If necessary to facilitate the uninstallation, then Yes.

    There's a good chance that the machines will have users logged in, and I would prefer for them to receive a "reboot required" dialog box.

    If they have those privileges, they will; but my question in these scenarios is always this: Why are you doing patch maintenance during working hours in the first place?

    You've already stated this is WITHOUT a deadline, so that tells me your regularly *scheduled* patch installation event is during working hours!

    Frankly, if updates are critical enough to "Approve For Removal", then they ought to have expired deadlines, uninstalled *immediately*, and inconveniencing users should be the least of your worries.

    Which is worse:

    • An uninstallation requiring a reboot with notice, or
    • A BLUE SCREEN caused by a defective patch still installed?

    Which one is more likely to cause catastrophic data loss? :-)


    Lawrence Garvin, M.S., MCSA, MCITP:EA, MCDBA
    SolarWinds Head Geek
    Microsoft MVP - Software Packaging, Deployment & Servicing (2005-2014)
    My MVP Profile: http://mvp.microsoft.com/en-us/mvp/Lawrence%20R%20Garvin-32101
    http://www.solarwinds.com/gotmicrosoft
    The views expressed on this post are mine and do not necessarily reflect the views of SolarWinds.

    Friday, August 22, 2014 1:57 AM
    Moderator
  • Thanks for your response, Lawrence.  

    In my environment, users have far too much control over their computers (long standing policy decision that IT has been fighting for years).  Currently, machines receive any patches overnight, but the end user can indefinitely delay the reboot.  Many users simply lock their machines at the end of the day and stay logged in all the time such that they are able to remotely access their work computers.

    Thanks again for answering the question.

    Friday, August 22, 2014 11:12 AM