67

I have a domain controller with Windows Server 2012 on it. After updates, the server does not reboot immediately. However if I remote into the server I will be presented with a countdown for a reboot. The only options are to restart now or to close the notification. However the countdown still continues and the server eventually reboots without my permission. How can I stop this from occurring?

Bryansix
  • 815
  • 1
  • 7
  • 7
  • 2
    Are you installing the updates or is automatic updates on? – Patrick Jan 09 '13 at 17:16
  • Its complicated. Updates are installed automatically but which updates get pushed is managed by an RMM tool called N-Able. – Bryansix Jan 09 '13 at 18:08
  • 3
    I'll add that updates are scheduled for 3AM but this message showed up at 9AM when I logged in. – Bryansix Jan 09 '13 at 18:46
  • Could it be that you or another admin keeps a remote desktop session running on the server? Not sure if 2012 defaults will prevent reboot at 3am if a session is "logged in and disconnected". GPO can control this behavior AFAIK. – Bret Fisher Jan 14 '13 at 23:50
  • 4
    Same here. Group policy is for overnight reboots, but Server 2012 decided to do it right in the middle of our production time! Argh! – Brian Knoblauch Jun 20 '14 at 15:02
  • 14
    This is the stupidest behavior I've ever seen in regards to automatic updates. It will actually wait for you to log in, then start a countdown timer that will force a reboot. So if you log in to do something, it basically sets a time bomb on your work window. This is almost at stupid as how the "shut down" command does the opposite and prevents a shut down by telling you to not turn off your machine because it installs updates; meanwhile the "shutdown without installing updates" command is hidden in the ctrl-alt-delete menu. It makes no sense. – Triynko May 11 '15 at 17:45
  • If a reboot is triggered accidentally, can't you abort it with "shutdown.exe /a"? –  May 26 '16 at 15:16
  • 2
    @user356577 Just happened to me, and the answer is no. Had to `NET STOP WUAUSERV` as an administrator, and then ensure it's (Windows Update) disabled in the services.msc and then kill Windows Update in the Task Manager as well. That seems to have finally stopped the countdown for the time being. – Zael Jun 14 '18 at 09:29

7 Answers7

50

There is a Local Group Policies you can set to disable the automatic restarts. This should only be done on Windows Servers assuming a sysadmin is going to RDP into the server on a regular schedule and install updates and restart the server (see Patch Tuesday).

  1. Press Windows Key+R to open the run prompt.
  2. Type "gpedit.msc" and press enter.
  3. In the "Local Group Policy Editor", navigate to Computer Configuration > Administrative Templates > Windows Components > Windows Update.
  4. Enable the "Configure Automatic Updates" policy and set it to "2".
  5. Enable the "No auto-restart with logged on users for scheduled automatic updates installations" policy.
Chaoix
  • 641
  • 5
  • 5
24

Finally Microsoft has produced a FIX for this behavior in an update rollup!

An update is available that lets you control how the Automatic Updates client applies updates in Windows 8 and Windows Server 2012. After you install this update, the "Configure Automatic Updates" policy setting will work again as it used to in previous Windows operating systems. Instead of installing updates during the daily maintenance cycle, Windows updates will be installed at the time and day that are scheduled in the "Configure automatic updates" policy setting.

voretaq7
  • 79,345
  • 17
  • 128
  • 213
Tim Jackson
  • 241
  • 2
  • 2
  • 1
    Good find, nice answer. – mfinni Oct 09 '13 at 16:08
  • 3
    Can it be used to disable automatic reboots too? We've got a Windows Server that presents iSCSI shares to our VMs and it's "a bad thing" every time it automatically reboots out from underneath those dependent VMs. – Brian Knoblauch Aug 28 '14 at 18:47
  • 10
    It's 2015, my system is up to date, I still see no option under windows update settings titled "Don't start a countdown when I log in". This is an epic fail. – Triynko May 11 '15 at 17:47
  • 3
    This is a comlete shambles. I just logged onto a server with 20 users, and it tells me it WILL reboot in 13mins. Great. Thanks microsoft. – Patrick Apr 29 '16 at 00:46
  • 1
    I'm still confused by the wording in Group Policy. What exactly do you have to configure so the server will only restart at 3am rather than randomly? – NickG Jan 24 '17 at 15:59
17

Disable the Windows Update service. Not in Service Manager - just stop it. The countdown is from the service, not Windows itself.

If you stop it - no more updates UNTIL the machine is manually restarted.

http://www.techspot.com/guides/230-prevent-automatic-windows-update-restarts/

Same works with Server 2012. net stop and then stop the service.

I say Reinstate Monica
  • 3,100
  • 7
  • 23
  • 51
TomTom
  • 50,857
  • 7
  • 52
  • 134
  • 1
    That is a good way to prevent the reboot when it prompts me. I guess I stil have an underlying issue in that the reboot doesn't happen at 3AM when the updates happen but instead waits until I log in. I just don't understand why me logging in starts the countdown. – Bryansix Jan 09 '13 at 19:08
  • Change it seems. I dont like it either. The 3am is a config Thing ;) My reboots happen on the Weekend. – TomTom Jan 09 '13 at 19:13
  • 1
    this answer actually didn't work for me. stopped Windows Update service, and kept getting the countdown banners on the Server 2012. – Bret Fisher Jan 15 '13 at 00:34
  • Did you stop it using "Net Stop wuauserv" or did you kill the process? When I stopped the service, the banner stopped showing up and the server did not reboot. – Bryansix Jan 15 '13 at 15:54
  • I think he stopped the wrong one. – TomTom Jan 15 '13 at 16:34
  • 3
    If you stop the service, it may not be enough. Its possible the service automatically starts itself after 1 minute. It will do this a total of 2 times, depending on which version of windows you're using. In addition, there may be one or more processes running called `Windows Update`. In a recent case I had to kill these processes and stop the service to stop the problem. – LPChip Mar 06 '15 at 12:41
  • 2
    It uses Task Scheduler to restart the service and process if they are stopped. – user692942 May 05 '16 at 13:03
  • link not working – kplshrm7 Oct 18 '16 at 07:33
  • Pay your internet? Link is perfectly working from 3 locations i tested. – TomTom Oct 18 '16 at 08:00
  • can confirm this: wuauclt.exe survives the stop of the service. to defuse best stop, then **disable** the service, then end the wuauclt task. otherwise this blue banderole resurrects mercilessly. – dlatikay Sep 20 '18 at 12:57
9

Stopping the service isn't enough, as it'll just start itself again. You have to disable the service until you are ready to restart the server.

Then to fix the issue, you'll need to add this registry value to ensure Windows restarts at the scheduled time, even if it is locked.

reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AlwaysAutoRebootAtScheduledTime /t REG_DWORD /d 1 /f

MS KB documenting issue

Ben Drawbaugh
  • 91
  • 1
  • 1
1

To stop the reboot temporarily, Disable the Windows Update and Windows Module Installer services. Turn them back on at night so the reboot can happen.

Susan Russel
  • 11
  • 1
1

You could use Powershell for installing updates. Do an internet search for the PSWindowsUpate module and download it. Then run the command Get-WUInstall. There's a switch that lets you ignore the request for a reboot. I've been using it on all of my 2012 servers, and I like it a lot better than using the GUI.

Charles Burge
  • 758
  • 6
  • 16
  • The switch referenced is `-IgnoreReboot` e.g.`ipmo PSWindowsUpdate; Get-WUInstall -AcceptAll -IgnoreReboot` – spuder Sep 06 '16 at 22:53
0

If your updates come through WSUS, you can determine which updates require a mandatory reboot of the machine and plan them during a maintenance window. Otherwise disable Windows Update service as suggested above.

wondersz1
  • 101
  • 1