Not true.... If you don't disable windows updates via GPO and someone sets Windows updates to auto install and reboot then machines will "mysteriously" reboot at 3:00 am.
________________________________ John Marcum Sr. Desktop Architect Bradley Arant Boult Cummings LLP ________________________________ From: [email protected] [mailto:[email protected]] On Behalf Of Trevor Sullivan Sent: Thursday, September 19, 2013 3:08 PM To: [email protected] Subject: RE: [mssms] SCCM 2012 SUP/WSUS and GPO... grr! Kevin, You shouldn't be using any GPOs if you're using ConfigMgr to deploy software updates. There's a good chance that you have a GPO settings that's overriding the ConfigMgr behavior of suppressing reboots. That could be why you're seeing what you're seeing. Cheers, Trevor Sullivan From: [email protected]<mailto:[email protected]> [mailto:[email protected]]<mailto:[mailto:[email protected]]> On Behalf Of Kevin Johnston Sent: Thursday, September 19, 2013 2:40 PM To: '[email protected]' Subject: [mssms] SCCM 2012 SUP/WSUS and GPO... grr! I have read many blog posts about this configuration, and during our last patch cycle servers had rebooted themselves just after 3AM, which leads me to believe that something is not right. We just changed to having SCCM take care of it. Even though we suppress the reboots, I want to think that the WUAgent is the one actually rebooting, so we need the settings to hopefully stop this from happening. Ideally we are trying to accomplish the following: 1) user cannot modify settings; 2) updates download and install, absolutely no forced reboot, regardless if user is/isnt logged on; 3)NO REBOOT We have created an ADR for patch Tuesday which deploys the patches to test servers. We then take the previous months ADR and manually deploy it to our Production servers collection, this allows us to have a month of testing the patches. We noticed that servers were rebooting, which lead us to our GPO's and rethinking this process. Currently all our GPO settings that involve WSUS are set to "Not Configured" We don't have any maintenance windows configured either, although I read that some people put them far into the future... Thanks, Kevin Johnston ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer. ________________________________ Confidentiality Notice: This e-mail is from a law firm and may be protected by the attorney-client or work product privileges. If you have received this message in error, please notify the sender by replying to this e-mail and then delete it from your computer.
