Intune Update Ring settings not working as expected, what am I doing wrong?

Copper Contributor

I am hoping someone here can help me because I can't seem to figure out what I am doing wrong.

 

I need to install software updates on a set of Windows PCs on the third Thursday of each month. After the updates have installed, I need the PCs to allow a 7-day grace period before a reboot is enforced. For some reason, even though I specify a 7-day grace period in the deadline settings, these machines keep rebooting the same day the updates install! Can someone please take a look at the settings I am using and tell me what I am doing wrong?

Thanks, and see attached screenshots...

6 Replies

@AtlanJ

 

I am not 100 percent sure what your use case is and what users are doing on their devices (with regards to delays and stuff) but if we look at the deadline settings, for Feature and Quality updates the deadlines are described as follows (see this link):

 

"Specifies the number of days a user has before feature updates are installed on their devices automatically (2-30)."

 

The grace period is defines this way:

 

"Specifies a minimum number of days after deadline until restarts occur automatically (0-7)."

 

You have feature and quality updates set to 0, not in the range betweern 2 and 30, so it look like the grace period is also not effective because it is based on the deadline settings.

 

------

Please click Mark as Best Response & Like if my post helped you to solve your issue.

This will help others to find the correct solution easily. It also closes the item.

If the post was useful in other ways, please consider giving it Like.

 

Hi SebastiaanSmits.

Thank you for replying. I read that article you linked to before I built this update ring, and I thought I understood it but (based on what you are saying) I must still be missing something. Perhaps it would be better if I defined my use case for you, then you can advise me on what settings I should be using to get the desired outcome.

I have twelve mission critical computers at my company that I am allowed to patch on the third Thursday of each month at 6PM. Management has informed me that they are okay with me installing the updates automatically, but they want the person stationed in front of that PC to have the option to restart it at a time that is convenient for them.

Ideally, the updates would install silently while they work, then when they are done installing the user would get a popup telling them “Updates have installed, please restart your PC later”. Again, this needs to happen specifically on the third Thursday of each month at 6PM (or shortly after).

Can you tell me how to configure my update ring to achieve this?

@AtlanJ 
Please use the below configuration and confirm if this works. 

HarishKumar1116_0-1716317372223.png

 

@HarishKumar1116 

 

I created an Update Ring with these settings (except I chose "third week" instead of "every week"). We'll see if it works this time. 

@HarishKumar1116 

So, all my computers just updated! This is INCREDIBLY frustrating!!! I have set a date and a time for the updates (look at my screenshot below), the update ring has been successfully applied, why are these computers updating early?! There has to be something I am missing but I don't know what it is. Why allow you to set a date and time, then just ignore it.

Can ANYONE tell me what I am doing wrong here?