WU for Shutdown devices

Brass Contributor

Need help in understanding the best way to handle the device update through Intune for a specific scenario. We have few users who shutdown the devices everyday around 6 PM and starts again next day morning 9 AM. Our Update Rings in Intune are set with the following profile

Vinod7_0-1624381740776.png

 

So how can we make sure that these devices gets update. Also we cannot find the users who are doing the regular shutdown as well. SCCM has the option to scan the device next day morning if it misses

3 Replies

@Vinod7 ,

 

The best way to ensure devices update is to Enable the "Use deadline settings" setting, and set the deadline and grace periods.  We recommend 3 day deadline and 2 day grace period for quality updates, for example.   This will ensure the devices are restarted to complete the update, even if devices are shut down overnight.  This does mean the restart will likely happen for those users during the business day when the deadline and grace period expire, but for those users who shut down the devices during the working day the restarts have to happen during the day.  One of the great things about the deadline is that once the device reaches restart required, the users get notifications that the restart is required and they get the opportunity to restart right away, or to schedule a restart.  So those users who are automatically restarted during the day, should have received ample notification, depending on how many days you provide them with that setting.

 

You may also try to shorten the default active/maintenance hours so that the system is enabled to try to restart outside of those hours if the device is not in use.  In fact, our recommendation is to set the "Automatic update behavior" setting to "reset to defaults" so that the end user can control active hours and enabling the smart busy checks and intelligent active hours features... which also work better for users who leave devices on overnight.

 

Hope this helps,

-David

 

Hi David - These is very good explanation and much useful to understand how to configure the settings. So for the active/maintenance hours which we have set to 6 AM to 10 PM, does it mean that the updates will not be installed during that time or just restart will not happen ? We have like 100+ devices where they are not updating at all. The only way is to run the PSWindowsUpdate powershell module remotely to start the install.

@Vinod7 

 

Active Hours affects the automatic restart.  Scan, download, and install can still happen during active hours since they are background tasks.  The system detect for idle time and other techniques to minimize user productivity impact during active hours.  More info about active hours is here: Manage device restarts after updates (Windows 10) - Windows Deployment | Microsoft Docs

 

There may be other reasons devices are not scanning or updating.  For example, if these devices were previously managed by using Group Policies, and the policy is configured to not auto update, then even though you are managing using Intune, the Group Policies will still be in effect.  You would need to disable the Group Policies in this case to get back to normal.  Another cause could be the required services being disabled from running.   I found this troubleshooting guide that covered a number of the potential issues, it would be a great place to start:  Windows Update troubleshooting - Windows Deployment | Microsoft Docs

 

Hope this helps,

-David