Usually, Windows clients should install the Updates automatically. Since some clients are always powered on, the Windows installation does not work. For example, if an update requires a reboot, Windows waits forever and no further updates are installed on the computer.
For such cases, we found following solution:
- Create a Cron Job, once a Day e.g. every Wednesday early in the morning
- The job should have a long runtime. e.g. > 5 hours
- Check if a reboot is required
- if not => Just force the normal Windows Update Installation
- if a reboot is required => Send a Message to currently logged-in user and reboot
We have tested this Cron Job at several customers and the user acceptance was good. Nobody likes to install Windows Updates but with this job we found a good balance between security (=installing the Updates) and needling the users. For special users you can add a Exclude Hardware tag.
