Patching procedure forced restarts without login
R
Ryan Melone
I have a few patching procedures that are set to reboot after the procedure completes. However, it turns out that they don't reboot until the user logs in and acknowledges that it will reboot. It is intended to happen automatically as part of the patch procedure, however they don't actually reboot until the user interacts with the window that informs them of the reboot.
Can we make the procedure's forced reboot schedule a task immediately upon completion rather than waiting until a user logs into the device?
R
Robin
Dear All,
The issue here is a known design flaw in the way we current do things.
Currently, the options we have for our procedures on OS Patching and 3rd Party Patching is to do one of the following: -
- Suppress
- Ask end user
- Force reboot
Here we have two issues: -
Based on Procedure
When the procedure runs, any reboot configuration you have is based on the completion of the procedure and not the status or requirement of the patches being installed.
So if you install an OS update that does not require a reboot, a force reboot setting will still reboot the device because the procedure ran successfully.
Users not Logged In
Our agent displays a message (asking or simply informing) about the reboot before it send the command to the operating system. Due to this, a device that is logged out will not reboot until a user logs in and gets the prompt from our agent.
A dirty work around for this at the moment would be to do the following: -
1.) Change your reboot setting to surpress
2.) Create another procedure (like the one below)
3.) Schedule the new procedure to be a couple of hours after the updates which will then cause the device to reboot as required.
=====SCRIPT====
import os
result=os.popen('shutdown /r /f /c "Scheduled reboot in 1 minute" /t 60 /d P:0:0').read();
print(result);
N
NCT
One for Robin to help with.
N
NCT
Ryan Melone Are you referring to 3rd party patching?
R
Ryan Melone
NCT: I am referring to Windows patch procedures
N
NCT
Ryan Melone: Is that using the force reboot option?
R
Ryan Melone
NCT:Correct
N
NCT
Ryan Melone: I always use the prompt option for patching.
R
Ryan Melone
NCT: Ok, I would prefer if our users did not have to interact with the patching restarts as they are done overnight. When they log in to start work only to restart immediately(forced or requested), they call me asking why. Currently the plan is simply not use the ITarian system for rebooting after patches. I would like this to work more cleanly so that we can reduce the number of places our techs need to keep track of to handle operations.
HITECHPR
I agree with this...In general I don't want my users to be part of the Patching Process.