cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Restart Windows 10 and 11 from MDE

dmarquesgn
Frequent Contributor

‎Mar 13 2023 10:39 AM

‎Mar 13 2023 10:39 AM

Restart Windows 10 and 11 from MDE

Hi,

I need to be able to restart some Windows 10 and 11 due to the application of updates.

Is it possible to force a Windows restart from the MDE interface or by any query?

Thanks

265 Views
0 Likes
11 Replies
Reply
11 Replies
P4tr8k

‎Mar 15 2023 09:55 AM

‎Mar 15 2023 09:55 AM

Re: Restart Windows 10 and 11 from MDE

Hi,
by using MDE no but you can use Intune to force restart.
https://learn.microsoft.com/en-us/mem/intune/remote-actions/device-restart#restart-a-device
0 Likes
Reply
dmarquesgn

‎Mar 15 2023 09:59 AM

‎Mar 15 2023 09:59 AM

Re: Restart Windows 10 and 11 from MDE

Hi,
Thanks for the reply. I know in Intune I can restart the machines, but that raises a lot of issues. This way I would have to create a script, to check for something within Defender, and then issue a restart request to Intune to those specific machines.
Also, does Intune allows any control over the restart, like confirmation, timings, etc?
Thanks
0 Likes
Reply
rahuljindal-MVP

‎Mar 15 2023 10:09 AM

‎Mar 15 2023 10:09 AM

Re: Restart Windows 10 and 11 from MDE

Don’t really understand the ask here. Application of which updates? OS?
0 Likes
Reply
P4tr8k

‎Mar 15 2023 10:18 AM

‎Mar 15 2023 10:18 AM

Re: Restart Windows 10 and 11 from MDE

Unfortunately not. Here is no any information for user and restart should be performed immediately. But if you want to play with scripts you can write powershell script (force restart) and upload and run this script using Live Response session. But it's a long process.
0 Likes
Reply
dmarquesgn

‎Mar 15 2023 10:23 AM

‎Mar 15 2023 10:23 AM

Re: Restart Windows 10 and 11 from MDE

Yes, the goal is to guarantee that the restart is done to force the Windows update process.
0 Likes
Reply
dmarquesgn

‎Mar 15 2023 10:25 AM

‎Mar 15 2023 10:25 AM

Re: Restart Windows 10 and 11 from MDE

Thanks, I see where you're going, which is a quite interesting path, even though it would be something really hard.
If the machines are on the network, I have means to restart them. I would have to find a way to integrate stuff, but the main problem is the machines which are out of the network.
0 Likes
Reply
rahuljindal-MVP

‎Mar 15 2023 10:39 AM

‎Mar 15 2023 10:39 AM

Re: Restart Windows 10 and 11 from MDE

Ok. I am not quite sure why you want to leverage Defender to achieve status against a device reboot. Maybe this is a specific use case, but normally Intune will be go to tool to manage security updates if you are licensed and the devices are enrolled. Maybe look at update rings and custom compliance in Intune if not already done.
0 Likes
Reply
dmarquesgn

‎Mar 15 2023 04:50 PM

‎Mar 15 2023 04:50 PM

Re: Restart Windows 10 and 11 from MDE

@rahuljindal-MVP 

I have Intune configured to deploy the security updates. Our Intune policy is what's on the screenhot below.

Screenshot_6.png

So, the last option means the machine should be auto restarted after grace period right?
What I've seen is that from about 2000 machines, more or less 100 of them each month do not complete the update, because they miss the restart, staying in pending. So I need to find out any way to be able to force the restart to be sure the patch was deployed.

Thanks

0 Likes
Reply
rahuljindal-MVP

‎Mar 15 2023 11:57 PM

‎Mar 15 2023 11:57 PM

Re: Restart Windows 10 and 11 from MDE

Do they report pending or they actually don’t restart?
0 Likes
Reply
dmarquesgn

‎Mar 16 2023 06:53 AM

‎Mar 16 2023 06:53 AM

Re: Restart Windows 10 and 11 from MDE

Hi, they actually report pending restart. I'm not totally sure if the problem is that the machine did not restart (according to Defender) or if there's any other issue.
That's why I would like to be able to issue a restart, so then I could check if Defender already removed the tag "Pending Restart" and considers the vulnerability fixed.
0 Likes
Reply
rahuljindal-MVP

‎Mar 16 2023 12:57 PM

‎Mar 16 2023 12:57 PM

Re: Restart Windows 10 and 11 from MDE

@dmarquesgn sorry, but can you share where are you seeing pending system reset in  Defender so that I be certain what and where you are looking at? Also, as for the pending restart itself, if this is also reporting in Intune Windows update reports, then you can send a PS or proactive remediation script for a pending reboot and initiate a reboot. However, forcing a reboot on end user devices is not something I’ll recommend. 

0 Likes
Reply