Update schedule for infrastructure with no graceful shutdown RRS feed

  • Question

  • Hi,

    We are currently in the process of putting some patch management services in place for our estate, around 150 sites and offices with no interconnectivity. 

    We do not want to use WSUS on premise as we are putting in another platform.

    All our workstations in our sites are turned off forcefully via a master power isolation switch each night, this unfortunately is a behaviour we cannot get our users to change.

    I was hoping to get the correct settings for applying updates from the web on a schedule which means when the machines turn back on they apply the updates that would have been installed/downloaded while the workstation was online before, meaning work is only interrupted when the machine boots.

    I can see with the GPO Configure Automatic Updates has the setting Auto download and notify for install, but not one to auto install and pend a reboot.

    So the first question is can I set to auto install and pend a reboot and where is this GPO stored

    second question is can I separate it so that only security updates get installed instead of features without using management such as WSUS

    Thanks in advance

    Friday, January 17, 2020 12:00 PM