Hi All,
Need your help to understand and resolve below WSUS related issue?
Client workstation has been configured with below WSUS group polices.
We have more than 2000 workstation which are part of same OU and same WSUS group policy.
This workstations has customize windows XP and 7 OS and its use as cash counter pc like in Mall.
We found 60% workstation has been patched with latest update automatically and rest of not patches.
We have created script for which remove oldC:\winnt\softwaredistribution folder and and run
wuauclt.exe / detectnow command.
Now we can see patches are downloading on system but not Install immediately. In event viewer we
can see event 17 which say “
Installation Ready: The following updates are downloaded and ready for installation. To install the updates, an administrator should log on to this computer and Windows will prompt with further instructions: “ As this all workstation has customize OS and use command service account for login.
Also no pop us for as notification and no chance to install patches by user.
- What we can do to install patches immediately without modifying GPO policy.
- Does 3 - Auto download and notify for install gpo setting prevent us to install patches immediately After running script.
- What is main reason on patches not install on workstation.
- What will happens if system down during schedule install time.
- Why always 40% workstation display as 99% install in WSUS console even after patches with latest month update.
- Please suggest any new way to make 100% workstation compliance with patch update.
Windows Components/Windows Update Policy Setting
Allow Automatic Updates immediate installation Disable
Automatic Updates detection frequency 22 hrs
Configure Automatic Updates Enabled
Configure automatic updating: 3 - Auto download and notify for install
The following settings are only required and applicable if 4 is selected.
Scheduled install day: 0 - Every day Scheduled install time: 03:00
Policy Setting
Delay Restart for scheduled installations 5 min
Do not adjust default option to 'Install Updates and Shut Down' in Shut Down Windows dialog box Enabled
Do not display 'Install Updates and Shut Down' option in Shut Down Windows dialog box Enabled
Enable client-side targeting Enabled
Target group name for this computer workstations
Policy Setting Specify
intranet Microsoft update service location Enabled
Set the intranet update service for detecting updates: XYZ
Set the intranet statistics server: XYX