Apr 07 2021 11:34 AM
Apr 07 2021 11:34 AM
We are piloting a group in our environment to switch to WUfB for servicing and previously deployed updates from WSUS. All our endpoints are currently on Windows version 1803 and joined to a local AD DS domain managed by ConfigMgr. We have deployed Update Baseline in its default configuration via group policy setup a WUfB policy deployed from ConfigMgr.
Devices now appear to be updating as expected and are automatically downloading and installing 20H2 directly via WUfB. However, we have yet to see any notifications, toasts, or engaged restart banners for users that have made it past the initial automatic installation and are awaiting a restart. Windows update shows the following:
Users are able to initiate the restart themselves, however none of our desktops that have been left online overnight appear to be restarting automatically. These devices all appear to be set to the default active hours of 8:00 AM to 5:00 PM and have no logged in users.
I see that the registry key HKLM\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings\EngageReminderLastShownTime appears to be set to a time earlier today, however this computer has no toast notifications to be seen. Are there any additional settings we should ensure are enabled in order to ensure devices are restarting when possible and notifications are being shown for users? Any advice here would be greatly appreciated!
Apr 08 2021 04:04 AM - edited Apr 08 2021 04:06 AM
Witam Brak wyskakujących okienków - może wynikać z zaawansowanych ustawień = powiadomienia zostały wyłączone! Jeśli istnieją potwierdzenia prawidłowych instalacji w rejestrze aktualizacji, wszystko to działa poprawnie! Problem będzie, gdy rejestr mówi, że są one nieskuteczne - próby zainstalowania > wymaga analizy! Automatyczna aktualizacja działa dość niezawodnie, jeśli nie ma bardziej złożonych konfliktów i wymaga indywidualnego sprawdzenia na takim komputerze! Dodam zrzut ekranu w miejscu - Zaawansowane ustawienia na urządzeniu końcowym Ponadto czas migracji aktualizacji jest często dość długi, a poprzednie wersje muszą zostać usunięte - następnie trzeba przeanalizować
Apr 08 2021 07:46 AM
@Andrzej1Interesting, I wonder if there is something misconfigured here then. We have the policy "Turn off auto-restart notifications for update installations" set to "Disabled" which is the default for Update Baseline. This causes the notification slider to be grayed out, but off. This appears to be the same when the policy is set to "Not Configured" as well. I do not appear to see any policy that would enable this, is this intended default behavior or is there an extra GPO we should look into?
Apr 08 2021 09:15 AM
Apr 15 2021 09:13 AM
Apr 15 2021 09:25 AM
Since our devices are on 1803 we actually cannot use intelligent active hours just yet, but we are excited to once our upgrade fully completes. For our pilot deployment, we went ahead and actually removed any GPO setting that was marked as "Not configured" from the Update Baseline template as our environment had never declared them. After doing so, we began to receive toast notifications immediately following the installation of the 20H2 feature update, as we were hoping. We created a separate OU with the default settings for Update Baseline, and it still has the same behavior as previous shown, no toast notifications (granted these machines are on 1803, this may not be the case for all versions). We are now expanding this deployment to further our testing. I have not been able to verify that the Engaged Restart notifications are working or displaying for users, however will let you know as we near the deadline in the coming days. I am at least able to verify that machines did reboot deadline was reached, and that they were being scheduled after taking a look at the logs present in NotificationUxBroker.etl.
Thanks for reaching out, so far WUfB has been working great, even without notifications!
Apr 15 2021 09:29 AM
Apr 15 2021 09:39 AM
Thanks @Kay_Toma. Our biggest question is around the behavior as computers near our deadline. We want to communicate to our end-users what the notifications they will be seeing are going to look like before broad deployment, and I see a few examples in the compliance deadline documentation. For feature updates are users to expect a notification like the one below, or does this only occur for pending quality updates or for feature updates as well?
We have yet to catch one of these in-action, but want to make sure that our polices are configured to display notifications like these in addition to the toast notifications that we have been seeing post-install and after login. Are there registry keys we can check or scheduled tasks for these pop-ups to make sure they are being utilized?
Thanks again for your help!
Apr 15 2021 09:51 AM
Apr 15 2021 10:03 AM
Fantastic @Kay_Toma! I also wanted to run a scenario by you in case I am misunderstanding deadlines. By configuring deadlines and not "Restart outside of active hours" as we had traditionally, are devices that do not have any users signed in going to restart after hours as they previously had? From what I am grasping now, it seems like those devices will wait until the deadline then restart during active hours, is that correct or does the previous behavior still apply? This is assuming we are not setting active hours, we will let the default values apply (8 - 5 and intelligent active hours when possible).