none
Windows 2012R2 servers NOT rebooting when configured to do so after installing Windows Updates

    Question

  • Good morning

    I am trying to troubleshoot an issue where my Windows 2012R2 (other servers such as 2008/R2 don't seem to have this problem) servers do not automatically reboot after installing updates despite being configured to do so by group policy.

    When viewing the update history on these servers I can see the updates were installed with some having a status of 'successful' but others having a status of 'pending restart'. The servers should have rebooted but haven't. Up until this round of updates they were rebooting correctly after installing updates. It doesn't make much sense.

    Here are the group policy settings I have configured for one of the servers that will not reboot (all the other servers have the same settings except for the scheduled installation date.



    Windows Components/Windows Update

    Policy Setting Comment
    Always automatically restart at the scheduled time Enabled
    The restart timer will give users
    this much time to save their
    work (minutes): 15
    Policy Setting Comment
    Automatic Updates detection frequency Enabled
    Check for updates at the following
    interval (hours): 22
    Policy Setting Comment
    Configure Automatic Updates Enabled
    Configure automatic updating: 4 - Auto download and schedule the install
    The following settings are only required and applicable if 4 is selected.
    Install during automatic maintenance Disabled
    Scheduled install day: 3 - Every Tuesday
    Scheduled install time:

    06:00

    Policy

    Setting Comment
    Enable client-side targeting Enabled

    Target group name for this computer

      Windows Update Group

    Policy

    Setting Comment
    Reschedule Automatic Updates scheduled installations Disabled
    Specify intranet Microsoft update service location Enabled
    Set the intranet update service for detecting updates: http://wsusserver.domain.local:8530
    Set the intranet statistics server: http://wsusserver.domain.local:8530
    (example: http://IntranetUpd01)

    Policy

    Setting Comment
    Turn on recommended updates via Automatic Updates Enabled



    Any advice or insight that can be offered will be greatly appreciated.

    Regards

    • Edited by Netmales Tuesday, November 17, 2015 9:37 AM edit
    Tuesday, November 17, 2015 9:36 AM

All replies

  • Hi ,Netmales

    Could you please check whether the correct registry key below has been created on the problematic machines?

    HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

    Value: AlwaysAutoRebootAtScheduledTime

    Type: REG_DWORD

    Value data: 1 (force a restart)


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, November 18, 2015 8:18 AM
    Moderator
  • Hello

    Thank you for your response - I have already checked that and it is set to 1 on all servers. I was looking around for solutions to this issue and came across as that as something to check.

    These servers actually did used to reboot after installing updates. Now they don't. Literally within the last couple of weeks this has started happening.

    Kind regards


    • Edited by Netmales Wednesday, November 18, 2015 5:15 PM edit
    Wednesday, November 18, 2015 11:03 AM
  • Hi, Netmales

    Thanks for the update.

    So Group Policy applied successfully on these machines. This setting is applicable to Windows Server 2012 R2, not sure why the server doesn’t ready the registry key. Any specific settings on these machines, probably some security software? I’d suggest you to reboot computers manually this time and then keep monitoring until next round update. If all things are going well next time, it should be update package problem.


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, November 19, 2015 8:16 AM
    Moderator
  • Hello

    I can't think of anything. This used to work up until last week basically. No settings on the machines have been changed, the only thing that's changed is updates have been installed.

    This is really very annoying.

    Regards

    Thursday, November 19, 2015 10:27 AM
  • This is odd. Anything useful in the Event Viewer? If no, it’s hard for us to troubleshoot the issue.

    I’d suggest to reboot computers manually for this time and then keep monitoring until next round update. Probably some specific updates are blocking Windows from rebooting.


    Please remember to mark the replies as answers if they help and un-mark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.


    Friday, November 20, 2015 8:32 AM
    Moderator
  • Hi, we are seeing this excact behavior on our 2012R2 servers too! November none of the 2012R2s rebooted after black tuesday patching, and the same happened december. Servers rebooted manually dont reboot the next time it receives an update. We have double checked our GPOs and they seem ok. Time to contact MS support.
    Wednesday, December 16, 2015 4:04 PM
  • We are experiencing the same issue for a subset of our 2012R2 servers - updates downloaded and successfully installed in November and December are flagged as 'Pending Restart.'

    There is nothing useful in the Windows Update Operation Log, and the most proximate entry to the latest round of updates related to Windows Update is an informational entry:

    Restart Required: To complete the installation of the following updates, the computer will be restarted within 15 minutes: 
    - Security Update for Windows Server 2012 R2 (KB3109103)
    - Update for Windows Server 2012 R2 (KB3112336)
    - Security Update for Windows Server 2012 R2 (KB3108381)
    - Security Update for Windows Server 2012 R2 (KB3109094)
    - Windows Malicious Software Removal Tool for Windows 8, 8.1, 10 and Windows Server 2012, 2012 R2 x64 Edition - December 2015 (KB890830)
    - Security Update for Microsoft .NET Framework 3.5 on Windows 8.1 and Windows Server 2012 R2 for x64-based Systems (KB3099864)
    - Security Update for Windows Server 2012 R2 (KB3108347)
    - Cumulative Security Update for Internet Explorer 11 for Windows Server 2012 R2 (KB3104002)

    However, the restart never happens. Most (but not all) of the affected servers have IIS installed on them.


    • Edited by Michael.1990 Friday, December 18, 2015 1:24 AM typo
    Friday, December 18, 2015 1:23 AM
  • This is still happening for me. Again only on Windows 2012R2 servers since Novemeber patches. This is incredibly annoying. Has anyone got any further with this?

    FIX THIS PLEASE MICROSOFT! None of my Windows 2012R2 servers are automatically rebooting or installing new updates!!!

    Tuesday, January 19, 2016 9:12 AM
  • We're also still getting this issue.

    Curious - we have a mix of servers that are rebooting/not rebooting with 2012R2. The ones that are not rebooting seem to have either active or disconnected RDP sessions, whereas the ones that are still playing nicely do not.

    Can you confirm if that's the same for your environment? It could be that the servers are ignoring the GPO setting to reboot even if there are users that are logged in.

    Sunday, January 31, 2016 11:32 PM
  • seems that KB3112336 is causing this reboot problem
    Friday, February 05, 2016 1:24 PM
  • Hi Chris

    What makes you say that? Is it through testing or through some commentary either by Microsoft or someone else?

    Additionally what did you do to resolve the problem?

    Kind regards

    Monday, February 08, 2016 9:09 AM
  • i tested it with a clean windows server 2012 r2 iso from microsoft.
    Then i installed all updates till August 2015 online from microsoft update.
    I put the server in a test wsus group where i only approved kb3124275.
    The WSUS Policy is set to:

    Policy Setting Comment 
    Always automatically restart at the scheduled time Enabled  
    The restart timer will give users 
    this much time to save their 
    work (minutes):  15 
     
    Policy Setting Comment 
    Automatic Updates detection frequency Enabled  
    Check for updates at the following 
    interval (hours):  1 
     
    Policy Setting Comment 
    Configure Automatic Updates Enabled  
    Configure automatic updating: 4 - Auto download and schedule the install 
    The following settings are only required and applicable if 4 is selected. 
    Install during automatic maintenance Disabled 
    Scheduled install day:  0 - Every day 
    Scheduled install time: 13:00 
     
    Policy Setting Comment 
    Enable client-side targeting Enabled  
    Target group name for this computer test 
     
    Policy Setting Comment 
    Specify intranet Microsoft update service location Enabled  
    Set the intranet update service for detecting updates: http://wsus.domain.local:8530 
    Set the intranet statistics server: http://wsus.domain.local:8530 
     
    I logged in to the server and waited for the scheduled install time. -> kb3124275 was installed and a 15 min reboot countdown was displayed.

    After this successful try i uninstalled kb3124275 and installed all updates from Sept. 2015. -> kb3124275 was installed via wsus and a 15 min reboot countdown was displayed.

    I repeated this procedure till i reached kb3083711(oct) kb3112336(Dec) and kb3135449(Feb) which are all updates to the wsus client.
    If any of these are installed NO auto reboot occurs. not in 15mins nor in 3 days nor after 1 week.


    • Edited by chris_ss Monday, February 08, 2016 5:16 PM
    Monday, February 08, 2016 12:51 PM
  • if kb3083711(oct), kb3112336(Dec) or kb3135449(Feb) is installed NO auto reboot occurs if a user is logged on.

    if nobody is logged on the auto reboot is working.

    so the policy "Always automatically restart at the scheduled time" is working if no user is logged on.

    i will set the policy "Install during automatic maintenance" to Enabled to see if it makes any difference for logged in users.

    Monday, February 08, 2016 7:54 PM
  • setting the policy "Install during automatic maintenance" to Enabled doesn't make any difference if a user is logged in. No auto reboot and no indication that a reboot is necessary to finish update installation.
    Tuesday, February 09, 2016 9:04 AM
  • Same Problem here. Non of our 2012R2 Servers are rebooting after automatic updates since the october patchday. I've also tested it on a clean windows iso and can confirm the results of chris_ss. Some updates (e.g. KB3087137 and KB3087390) stuck on pending restart if a user is logged on.

    Have anyone already tried to open a offical support case about this?



    • Edited by Johannes.K Tuesday, February 16, 2016 9:40 AM
    Tuesday, February 16, 2016 9:38 AM
  • We logged it with MS last week. They confirmed a bug earlier this week and they'll be releasing a fix probably in March, KB hasn't been published yet. Not many more details as to whether it will be released as a security/critical update or just as an optional.
    Wednesday, February 17, 2016 4:48 AM
  • That is very good to hear, please keep us updateted!

    • Edited by Joosep Wednesday, February 17, 2016 11:28 AM
    Wednesday, February 17, 2016 11:22 AM
  • The official package has been released https://support.microsoft.com/en-us/kb/3138615.

    It shall solve the issue for everyone here.

    • Proposed as answer by chris_ss Friday, March 04, 2016 11:59 AM
    Wednesday, March 02, 2016 4:35 PM
  • Hello

    Thanks for the update. I have installed this KB on one my affected servers and will report back next week after it installs scheduled updates next week.

    Cheers

    Thursday, March 03, 2016 1:23 PM
  • Thanks for the update!

    I tested this update on one of the servers, that had some updates for install.

    For testing i left there also some disconnected sessions and the server restarted as it should.

    Friday, March 04, 2016 6:56 AM
  • Hi

    Thanks for the info.
    I installed KB3138615 and can confirm that auto restarts are working again.


    Friday, March 04, 2016 11:58 AM
  • I have installed KB3138615 and 2012 r2 servers are still not rebooting if there are disconnected rdp sessions. I have all those policy settings set. If no rdp sessions, server reboots as expected. Any one else still having issues even after this patch?
    Tuesday, April 26, 2016 3:15 PM
  • Did you make sure to reboot all your servers after the patch was installed? It's not enough to just install the patch, you also have to make sure that they're all rebooted after it's been installed before the update is in effect. 


    Andreas Hultgren<br/> MCTS, MCITP<br/> <a href="http://ahultgren.blogspot.com/">http://ahultgren.blogspot.com/</a>

    Tuesday, April 26, 2016 3:20 PM
  • Yes, rebooted in March and all were rebooted when the badlock stuff came out. So twice. And when updates were applied last tuesday a few servers are pending still.
    Tuesday, April 26, 2016 3:28 PM