none
WSUS - Notification to restart to complete installation - Windows 10 1809 RRS feed

  • Question

  • I need to configure a WSUS GPO to schedule the installation of updates at a specific time.  I will have a test group before pushing to production workstations/laptops. 

    I am unable to force deadlines or to restart computers so I am left with having to push the updates and relying on users to restart their computers to complete the installation or to log off so that the updates will complete.

    My problem is that the restarts notification for updates is not displaying for users that are logged in. 

    My GPO setup is below:

    

    Questions:

    1. Can anyone tell me what is missing in the GPO why the notifications are not displaying for admin or non-admin logged on users? 
    2. Is there a way to have the notification pop up every e.g. 30 mins to remind users of the required restart?
    3. If no users are logged in, will the updates get installed and the computer restarted with this current GPO?

    I am running a Windows 2016 WSUS.  The clients are mosltly Windows 10 ver 1809.

    Any help would be much appreciated.

    CJ



    Monday, December 9, 2019 10:47 PM

All replies

    • Proposed as answer by Ana Gauna Saturday, December 14, 2019 1:50 AM
    • Unproposed as answer by chineyJam123 Tuesday, December 17, 2019 9:48 PM
    Monday, December 9, 2019 11:00 PM
  • I used this link to update several computers and everything worked with me.
    This upgrade takes approximately 2-3 hours, it depends on how much RAM you have and depends on how much free hard disk space you have, some computers get faster, some computers take longer to complete, and Windows restarts several times. automatic.

    https://www.microsoft.com/en-us/software-download/windows10


    Ana Gauna | Senior Business Systems Analyst | MCSE Microsoft Windows Server | Rio de Janeiro | Brazil | If I helped you, mark the answer as useful

    • Proposed as answer by Ana Gauna Saturday, December 14, 2019 1:50 AM
    • Unproposed as answer by chineyJam123 Tuesday, December 17, 2019 9:48 PM
    Monday, December 9, 2019 11:03 PM
  • Questions:

    1. Can anyone tell me what is missing in the GPO why the notifications are not displaying for admin or non-admin logged on users? 
    2. Is there a way to have the notification pop up every e.g. 30 mins to remind users of the required restart?
    3. If no users are logged in, will the updates get installed and the computer restarted with this current GPO?

    If you want to implement these cancellations, we recommend that you only configure and enable the following group policies:
       

    • [Specify intranet Microsoft update service location] Keep the current configuration.
    • [Configure Automatic Updates] Keep the current configuration.
    • [Automatic Updates detection frequency] Keep the current configuration.
    • [Allow non-administrators to receive update notifications] Configured to enable.
    • [Configure auto-restart warning notifications schedule for updates] Configured to enable. And configure the warning time limit for automatic restart.
       

    The remaining group policies have nothing to do with your purpose, it is recommended to adjust to unconfigured first, and when it is determined that this solution is feasible, then test them gradually to add them.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 10, 2019 1:32 AM
  • In Group Policy, go to Computer Configuration\Administrative Templates\Windows Components\Windows Update and pick Specify Engaged restart transition and notification schedule for updates.

    More details are available here,

    https://docs.microsoft.com/en-us/windows/deployment/update/waas-restart

    Tuesday, December 10, 2019 1:39 AM
  • In Group Policy, go to Computer Configuration\Administrative Templates\Windows Components\Windows Update and pick Specify Engaged restart transition and notification schedule for updates.

    More details are available here,

    https://docs.microsoft.com/en-us/windows/deployment/update/waas-restart

    Thanks for the reply.

    I read this specific policy and it states:

    Enabling any of the following policies will override the above policy:
        1. No auto-restart with logged on users for scheduled automatic updates installations
        2. Always automatically restart at scheduled time
        3. Specify deadline before auto-restart for update installation

    I have "No auto-restart with logged on users for scheduled automatic updates installations" enabled so I am not sure this particular policy will work.  Can you confirm this?

    Thanks,

    CJ

    Tuesday, December 10, 2019 2:28 AM
  • Questions:

    1. Can anyone tell me what is missing in the GPO why the notifications are not displaying for admin or non-admin logged on users? 
    2. Is there a way to have the notification pop up every e.g. 30 mins to remind users of the required restart?
    3. If no users are logged in, will the updates get installed and the computer restarted with this current GPO?

    If you want to implement these cancellations, we recommend that you only configure and enable the following group policies:
       

    • [Specify intranet Microsoft update service location] Keep the current configuration.
    • [Configure Automatic Updates] Keep the current configuration.
    • [Automatic Updates detection frequency] Keep the current configuration.
    • [Allow non-administrators to receive update notifications] Configured to enable.
    • [Configure auto-restart warning notifications schedule for updates] Configured to enable. And configure the warning time limit for automatic restart.
       

    The remaining group policies have nothing to do with your purpose, it is recommended to adjust to unconfigured first, and when it is determined that this solution is feasible, then test them gradually to add them.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thanks for the assistance Yic.

    The "Configure auto-restart warning notifications schedule for updates" setting states:

    Since users are not able to postpone a scheduled restart once the deadline has been reached, you can configure a warning reminder prior to the scheduled restart. You can also configure a warning prior to the restart, to notify users once the restart is imminent and allow them to save their work.

    I do not have a schedule restart or deadline configured.  

    I have "No auto-restart with logged on users for scheduled automatic updates installations" enabled.  So as long as a user is logged in, there will be no restart of the computer.

    From what I understand, with the no auto restart with logged on users enabled, if I enable "Configure auto-restart required notification for updates" to "2" A user that gets this notification must manually dismiss it.

    I have yet to see this notification from my testing, but how how you configure the reminder to re-prompt the user, instead if them dismissing it and forgetting about the restart?

    Thanks,

    CJ

    Tuesday, December 10, 2019 2:47 AM
  • Hi CJ,
       

    I'm sorry I do not have a very clear understanding of the intent.
    The specific solution may require some testing before you can come to it. You can refer to Microsoft's article about some explanations and suggestions for delayed restart of Group Policy: "Manage device restarts after updates".
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 11, 2019 8:36 AM
  • Hi and thanks again but I have read that article and the settings are not applying.

    I want to achieve the following:

    • Schedule the download and installation of updates
    • No automatic restarts if a user is logged on
    • Notify logged in users via popup notification that a restart is required that they must dismiss
    • Have the pop up restart notification pop up every hour for the logged in user
    • If no user is logged on, the computer will install the updates and restart
    • Disable "Install updates and shutdown" on the shutdown dialog box 
    • Report on computers that are pending restart

    The computers are running Windows 10 version 1809. 

    WSUS server is 2016

    Wednesday, December 11, 2019 8:10 PM
  • Hi and thanks again but I have read that article and the settings are not applying.

    I want to achieve the following:

    • Schedule the download and installation of updates
    • No automatic restarts if a user is logged on
    • Notify logged in users via popup notification that a restart is required that they must dismiss
    • Have the pop up restart notification pop up every hour for the logged in user
    • If no user is logged on, the computer will install the updates and restart
    • Disable "Install updates and shutdown" on the shutdown dialog box 
    • Report on computers that are pending restart

    The computers are running Windows 10 version 1809. 

    WSUS server is 2016

    Let's analyze these needs:
       

    Group Policy: [Configure Automatic Updates] Can be achieved:

    • Schedule the download and installation of updates
        

    Group Policy: [No auto-restart with logged on users for scheduled automatic updates installations] Can be achieved:

    • No automatic restarts if a user is logged on
    • If no user is logged on, the computer will install the updates and restart
         

    Group Policy: [Configure auto-restart reminder notifications for updates] Can be achieved:

    • Notify logged in users via popup notification that a restart is required that they must dismiss
        

    In [WSUS console > Computer report] Can be achieved:

    • Report on computers that are pending restart

    The following functions may not be implemented:

    • Have the pop up restart notification pop up every hour for the logged in user
      I haven't tested the right group policies to achieve this. But Group Policy [Specify Engaged restart transition and notification schedule for updates] can help delay the restart time, it is not necessary to specify a deadline.
    • Disable "Install updates and shutdown" on the shutdown dialog box
      Group Policy [Do not display ´Install Updates and Shut Down´ option in Shut Down Windows dialog box] does not apply to Windows 10.
        

    The above is my research so far, but I still can't find the most suitable solution for you.
    But hope this helps your follow-up analysis.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Thursday, December 12, 2019 7:06 AM
  • Thank you for your assistance with this. 

    Unfortunately I cannot even get a notification that a restart is required to pop up/notify the logged in user.

    Has this worked for you based on the policies below:
    ---------------------
    Group Policy: [No auto-restart with logged on users for scheduled automatic updates installations] Can be achieved:

    No automatic restarts if a user is logged on
    If no user is logged on, the computer will install the updates and restart
    ----------------------
    Group Policy: [Configure auto-restart reminder notifications for updates] Can be achieved:

    Notify logged in users via popup notification that a restart is required that they must dismiss

    ----------------------

    I do see via WSUS server that an update is pending a restart but the logged on user does not get a prompt:

    Also I am unable to remove the shutdown options or allow the user to shutdown and not install the updates.  The only options are:

    Am I missing something or do these Group Policies just not work as I expect?

    thanks

    CJ

    Friday, December 13, 2019 4:15 PM
  • Hi CJ,
      

    As I responded earlier, I'm sorry I haven't found a group policy plan that is exactly right for your needs.
      

    When Configure Automatic Updates is configured to 4, in order to complete the installed update process, the necessary restart will be scheduled to be performed. It has been determined that we can implement delayed restarts, as well as prompts before restarting. But for Group Policy in the Windows Update section, the update prompt in the Windows 10 Start menu cannot be canceled. Reminders every 30 minutes also don't seem to match directly with Group Policy. 
      

    This is my current finding and may require more testing.
      

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Monday, December 16, 2019 8:16 AM
  • The notifications clearly do not work as the GP settings describe.  I have read numerous articles, comments and forums with people experiencing the same problem.

    Is there another GP setting that controls the "Show a notification when you PC requires a restart to finish updating"?  I see that it is grayed out in Windows Updates > Advanced menu and set to "Off":


    If this could be controlled and turned "On" via GPO, then this may work?

    Any suggestions are appreciated.

    CJ

      
    Tuesday, December 17, 2019 9:47 PM
  • Step 2: Configure WSUS

    https://docs.microsoft.com/en-us/windows-server/administration/windows-server-update-services/deploy/2-configure-wsus


    Ana Gauna | Senior Business Systems Analyst | MCSE Microsoft Windows Server | Rio de Janeiro | Brazil | If I helped you, mark the answer as useful

    • Proposed as answer by Ana Gauna Wednesday, December 18, 2019 12:21 AM
    • Unproposed as answer by chineyJam123 Wednesday, December 18, 2019 3:46 PM
    Wednesday, December 18, 2019 12:21 AM
  • Is there another GP setting that controls the "Show a notification when you PC requires a restart to finish updating"?  I see that it is grayed out in Windows Updates > Advanced menu and set to "Off":

    If this could be controlled and turned "On" via GPO, then this may work?

    Any suggestions are appreciated.

    CJ

      

    Hi CJ,
      

    When "Turn off auto-restart notifications for update installations" is set to enable, "Show a notification when you PC requires a restart to finish updating" on the client Windows Update cannot be adjusted.
      

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Wednesday, December 18, 2019 6:47 AM
  • Is there another GP setting that controls the "Show a notification when you PC requires a restart to finish updating"?  I see that it is grayed out in Windows Updates > Advanced menu and set to "Off":

    If this could be controlled and turned "On" via GPO, then this may work?

    Any suggestions are appreciated.

    CJ

      

    Hi CJ,
      

    When "Turn off auto-restart notifications for update installations" is set to enable, "Show a notification when you PC requires a restart to finish updating" on the client Windows Update cannot be adjusted.
      

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Unfortunately this policy is also not working.  I have set "Turn off auto-restart notifications for update installations" to both Disabled as well as Not configured.  Either settings do not enable / turn on the notification setting on the windows 10 computers.

    Is it possible that these GPO settings do not apply to Windows 10 Professional?

    Wednesday, December 18, 2019 3:41 PM
  • I managed to unlock the option for the Win 10 Pro clients "Show a notification when you PC requires a restart to finish updating"

    But I still do not know how to enable/turn 'On" this option via Group Policy?  Any ideas?

    thanks for your continued help.

    CJ

    Wednesday, December 18, 2019 10:01 PM
  • See: https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-4-creating-your-gpos-for-an-inheritance-setup/

    Section: I Want Notifications!!!


    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT

    Thursday, December 19, 2019 1:14 AM
  • Appreciate the info AJTek!  Too bad this is not a setting GPO and a registry entry is required.

    I did switch the "Show a notification when you PC requires a restart to finish updating" to "On" and approved some updates in my lab.  The result was that the computers did get the notification below:

    Unfortunately the wording in this notification will cause confusion for users in that we are not setting deadlines or scheduling restarts outside of active hours.  

    Is it possible to have one of these notification messages instead:

    Or

    or

    CJ

    Thursday, December 19, 2019 5:58 PM
  • No, but you should be using Active Hours. 1809 allows for an 18 hour work-day. See the same page linked above for more info.

    Updates REQUIRE a restart to be applied, so it's part of the patch management process. If left up to the user, without any type of deadline, most users will keep putting it off. The deadline GPO that is shown in my guide will alert them that the computer will restart in 2 days, 3 days, or however many you put, and give them the option to restart now or later.


    Adam Marshall, MCSE: Security
    https://www.ajtek.ca
    Microsoft MVP - Windows and Devices for IT

    Thursday, December 19, 2019 7:44 PM
  • No, but you should be using Active Hours. 1809 allows for an 18 hour work-day. See the same page linked above for more info.

    Updates REQUIRE a restart to be applied, so it's part of the patch management process. If left up to the user, without any type of deadline, most users will keep putting it off. The deadline GPO that is shown in my guide will alert them that the computer will restart in 2 days, 3 days, or however many you put, and give them the option to restart now or later.

    Agree.
    If you really want to prevent users from being troubled by the restart caused by automatic update + automatic installation, configuring active hours is a suitable choice. Up to now, I still find that only [Specify Engaged restart transition and notification schedule for updates] can play a role of specific delay.
       

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Friday, December 20, 2019 7:44 AM
  • Hi,
     

    Any update is welcome here.
    If the issue is resolved, share your solution or find the helpful response "Mark as Answer" to help other community members find the answer.
     

    Thank you for your cooperation, as always.
     

    Regards,
    Yic

    Please remember to mark as answers if they help.
    If you have feedback for TechNet Subscriber Support, contact tnmff@microsoft.com.

    Tuesday, December 31, 2019 3:11 AM