locked
Windows Update clients not following WSUS GPO schedule RRS feed

  • Question

  • Hi

    I've issues with schedule installation through WSUS.

    Here's what i want

       - Schedule installation every sunday at 4pm
       - No windows update notifications for clients (even administrator)
       - No Reboot of clients 
       - Windows Update Client can download updates but not installing it until schedule 
       - Autorize reboot only at schedule date

    My configuration

    Windows Server 2012 R2 
    Windows 10 1909 clients
    GPOs configuration : wsus html report

    LogsGet-WindowsUpdateLog

    We can see that wu client install updates even with the setting AUOptions 4 set.

    I don't know why...


    Thanks in advance



    • Edited by lopm46 Monday, January 20, 2020 1:11 PM fail
    Monday, January 20, 2020 1:09 PM

All replies

  • Follow up the given troubleshoot steps in below guide,

    https://gallery.technet.microsoft.com/Troubleshooting-WSUS-d63da113?redir=0

    Monday, January 20, 2020 2:08 PM
  • Thanks for your link, i'm gonna check this!

    • Edited by lopm46 Monday, January 20, 2020 4:56 PM ui
    Monday, January 20, 2020 3:26 PM
  • Everything seems correct but WU client keep installing updates right after download them :/

    Question : Normaly, if we trigger WU search manualy he will follow schedule gpo installation  or gpo is follow only at "Automatic update detection frequency" interval ?



    • Edited by lopm46 Monday, January 20, 2020 9:29 PM ui
    Monday, January 20, 2020 7:09 PM
  • Hi,
       

    First, the following Group Policies are not supported on Windows 10, so their function can be ignored:
       

    • Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box
    • Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box
    • Reschedule Automatic Updates scheduled installations
    • Turn on Software Notifications
         

    Secondly, regarding "No auto-restart with logged on users for scheduled automatic updates installations", if the status is set to Enabled, Automatic Updates will not restart a computer automatically during a scheduled installation if a user is logged in to the computer. Instead , Automatic Updates will notify the user to restart the computer. So the notice about notify is unavoidable.
       

    So depending on your needs, you might consider enabling the following group policies:
       

    • Specify Engaged restart transition and notification schedule for updates
        

    Enable this policy to control the timing before transitioning from Auto restarts scheduled outside of active hours to Engaged restart, which requires the user to schedule. 
       

    Hope the above can help you.
      

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, January 21, 2020 7:21 AM
  • Thanks for your answer.

    But if i enable this policy, users will be notify of reboots ? I don't want any interaction of users relating WU. 
    I set schedule installation to Sunday, a free day, no users and i wake my computers with WOL.

    I just want to WU wait till sunday to install updates and not notify users at all.

    I clean my GPOs, here's now :


    Tuesday, January 21, 2020 8:41 AM
  • Question : Normaly, if we trigger WU search manualy he will follow schedule gpo installation  or gpo is follow only at "Automatic update detection frequency" interval ?

    I noticed that, if you are testing by clicking "Check for updates", the update will be installed directly.
    If you need to simulate a detection mode that follows Group Policy, consider doing it in Powershell:
       

    (new-object -Comobject Microsoft.Update.AutoUpdate).Detectnow()
        
    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, January 27, 2020 1:28 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, February 3, 2020 2:12 AM
  • I set the gpo "Automatic update Frquency" to 1h but i don't think clients follow this rules.

    When i run the command :

    (new-object -Comobject Microsoft.Update.AutoUpdate).Detectnow()

    It doing this : https://i.gyazo.com/d933513405facda6a4babd6466fb5425.mp4

    But when i click to "Check for updates" it find the update.

    How can i know how the last update verification (01/20/2020 at 15:23) was trigger ? 

    Tuesday, February 4, 2020 4:09 PM