Windows Update Gripe

Collin Willis 11 Reputation points
2022-10-19T15:00:26.177+00:00

Hi All,

Can someone explain to me why when a Windows Server says, "Updates are ready to install" with an "Install Now" button, it starts to download the updates when you click on the "Install now" button. Isn't there a config whereby the system automatically downloads the latest update, then waits for an admin to trigger the install in a window where a reboot is acceptable?

I can see how there could be an issue with this if the Administrator ignores the completed download and modifies the server in such a way that the downloaded package is no longer relevant to the build, but surely that's an easy issue to overcome with a final check when the "Install now" button is pressed which could trigger another download if the check finds the build so different to what it was when it did the auto-download.

If they can't implement something like that, then I think it would be more useful if the page said, "Updates are available." as indeed it does, but below the list of updates, there should be two buttons, "Download" and a separate "Install" button. As I would deem it perfectly safe to download the patches, and this could be done any time, then the install needs to happen in a change window with an approved Change Request. The problem I'm having is I cannot guess how long the download is going to take. The actual Install is bad enough to guess but combined, there's no chance. This means my change window is often two large or too small!

I hear dissenting voices saying, "What's your problem? When you click the "Install now" button, it kind of does what you want anyway, i.e., it downloads and installs, but doesn't reboot until you say so. And yes, I've been using that process, but the server is in an unstable state after the ‘download & install’ as the install will have replaced DLLs or files that were not locked (in use) and staged the replacement of those that were locked, to be replaced after the boot. Which means you really should reboot as soon as you can after the install. Maybe I'm wrong with my understanding of how that all works, do let me know if that's the case.

Okay, rant over.

Thanks

Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
13,074 questions
0 comments No comments
{count} votes

2 answers

Sort by: Most helpful
  1. Michael Taylor 54,316 Reputation points
    2022-10-19T15:54:44.923+00:00

    Refer to this doc on how to do that. I've never seen anyone use this feature on a server but it should work like the client. In most cases people just use WSUS and therefore "download" isn't an issue.

    In GP you can configure auto updates to automatically download the update and then notify you they are ready to install. Do be aware however that it may download more updates then you actually want to install so keep an eye on your free space. Not sure when they get cleaned up.

    0 comments No comments

  2. Adam J. Marshall 9,386 Reputation points MVP
    2022-10-19T16:10:40.917+00:00

    And if you want some more details on the policies

    https://www.ajtek.ca/wsus/how-to-setup-manage-and-maintain-wsus-part-4-creating-your-gpos-for-an-inheritance-setup/

    Section: Servers GPOs – Create Rings

    0 comments No comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.