locked
Disable auto-restart after WSUS updates RRS feed

  • Question

  • How to prevent servers from auto-restart after WSUS updates are installed

    I have a WSUS server to manage Windows Updates.

    I set GPO to manage installations.
    I set Configure Automatic Updates with option 4 - Auto download and Schedule the install.

    I would like to configure servers to INSTALL UPDATES BUT NOT TO RESTART AFTER THAT. Is that possible ?

    Windows server 2012 R2 
    Monday, December 23, 2019 1:31 PM

Answers

  • Hi Mohamed,
      

    According to your description, when we set Configure Automatic Updates to Mode 4, updates that involve system file modifications will be scheduled to restart after installation. The required restart will be delayed if you enable the following group policies:
      

    • Turn off auto-restart for updates during active hours
      the PC will not automatically restart after updates during active hours. The PC will attempt to restart outside of active hours.
        
    • No auto-restart with logged on users for scheduled automatic updates installations
      Automatic Updates will wait for the computer to be restarted by any user who is logged on, instead of causing the computer to restart automatically.
        
    • Specify Engaged restart transition and notification schedule for updates
      Control the timing before transitioning from Auto restarts scheduled outside of active hours to Engaged restart, which requires the user to schedule. 
        

    Please consider adjusting one or more of the above group policies based on your actual situation. But please also clear that some security fixes only take effect until the reboot is complete, restart it after the installation is very important and necessary. Also as a reference, this article will introduce the Group Policy related to update installation restart management: "Manage device restarts after updates."
       

    Hope the above can help you.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 24, 2019 1:20 AM

All replies

  • Hi, You should enable this option: 

    No Auto-restart for Scheduled Automatic Update Installation Options

    This policy specifies that to complete a scheduled installation, Automatic Updates will wait for the computer to be restarted by any user who is logged on, instead of causing the computer to restart automatically.

    If the status is set to Enabled, Automatic Updates will not restart a computer automatically during a scheduled installation if a user is logged on to the computer. Instead, Automatic Updates will notify the user to restart the computer in order to complete the installation.

    Be aware that Automatic Updates will not be able to detect future updates until the restart occurs.

    If the status is set to Disabled or Not Configured, Automatic Updates will notify the user that the computer will automatically restart in 5 minutes to complete the installation.

    This policy applies only when Automatic Updates is configured to perform scheduled installations of updates. If the Configure Automatic Updates policy is disabled, this policy has no effect.

    To inhibit auto-restart for scheduled Automatic Update installation options

    1. In Group Policy Object Editor, expand Computer Configuration, expand Administrative Templates, expand Windows Components, and then click Windows Update.

    2. In the details pane, click No auto-restart for scheduled Automatic Update installation options, and set the option.

    3. Click OK.

    Link: https://docs.microsoft.com/fr-fr/security-updates/windowsupdateservices/18127156


    "Vote or mark as answer if you think useful" "Marquer comme réponse les réponses qui ont résolu votre problème"

    Monday, December 23, 2019 2:12 PM
  • Hi Mohamed,
      

    According to your description, when we set Configure Automatic Updates to Mode 4, updates that involve system file modifications will be scheduled to restart after installation. The required restart will be delayed if you enable the following group policies:
      

    • Turn off auto-restart for updates during active hours
      the PC will not automatically restart after updates during active hours. The PC will attempt to restart outside of active hours.
        
    • No auto-restart with logged on users for scheduled automatic updates installations
      Automatic Updates will wait for the computer to be restarted by any user who is logged on, instead of causing the computer to restart automatically.
        
    • Specify Engaged restart transition and notification schedule for updates
      Control the timing before transitioning from Auto restarts scheduled outside of active hours to Engaged restart, which requires the user to schedule. 
        

    Please consider adjusting one or more of the above group policies based on your actual situation. But please also clear that some security fixes only take effect until the reboot is complete, restart it after the installation is very important and necessary. Also as a reference, this article will introduce the Group Policy related to update installation restart management: "Manage device restarts after updates."
       

    Hope the above can help you.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 24, 2019 1:20 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, December 27, 2019 5:11 AM