![]()
#CRITICAL UPDATES NOT INSTALLING INSTALL#Do this as soon as the updates roll out, usually the first Thursday of the month.Ģ) Have your production server download but NOT install updates as they become available. This could be just a VM with the same software, but I try to have a hardware box similar to the hardware of the production server if that's what you're working with. #CRITICAL UPDATES NOT INSTALLING UPDATE#I think my update advice is similar to most others here, but maybe in a bit easier to follow flow:ġ) Test updates on a test server that is as close as possible to your production server. This biggest question I have after all the comments is why is everyone using WSUS and not SCCM? The workstations should have the updates deployed and updates to be completed on next reboot ( but force if not done in x days) but make sure you've tested the updates first before just sending them out. #CRITICAL UPDATES NOT INSTALLING MANUAL#AIAR(auto install auto reboot) and AIMR (auto install manual reboot) obviously you'll want to do things like sql, exchange or DC's manually and ensure you don't do them all at the same time but there are plenty of servers that can be done AIAR. You will want to break up these groups into different update methods. Domain Controllers, sql servers, sharepoint servers, exchange servers. You will want to do the updates and reboots for your servers on the same night.īreak your servers up into logical groups. Work out a reboot scheme for your environment, incorporating your shutdown and startup requirements. "itil v3 release management patching monthly" You need to plan your patching regime, maybe do a bit of ITILv3 training( change & release management) A maintenance windows that can last hours, days or weeks is not a maintenance window and you run the risk of someone doing a reboot during business hours and finding out the patch bricked the system, but you won't know that until you figure out it was the patch. You plan ypur updates to be done and then you deploy and reboot them and validate they work. The reason you can't find a concrete recommendation is because your question is not a logical one. My client recently had a crash of NTDLL.DLL on their print server which is running Windows Server 2016, which in turn took down the Windows Print Spooler so nobody could print until it was restarted. Is Server 2016 immune from this? I personally don't feel comfortable waiting an hour, never mind weeks. Just yesterday I had an ActiveX control stop working until I restarted to apply updates. The client has maintenance windows for the restarting of servers which could be days or weeks after the updates have been applied, and said that in their experience this is no problem, but I know from experience that on Windows 10 at least, pending restarts after updates have been applied can cause instability. I was looking around to get a recommendation on how soon after installing updates you should restart your Windows server to avoid issues like this, but I'm struggling to find a concrete recommendation. On going to restart it I noticed that there were pending Updates that wanted to apply on Shutdown/Restart which makes me think that the system became unstable due to some core files being modified, and it should have been restarted sooner. Print server which is running Windows Server 2016, which in turn took down the Windows Print Spooler so nobody could print until it was restarted. My client recently had a crash of NTDLL.DLL on their ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |