September 30, 2020

Windows update install now


The computers in my domain have Windows Update configured by GPO and normally should automatically download and install cumulative updates. (I'm lazy and I use WUfB.) However, recently I discovered that some computers get stuck with Status: Pending install and the button saying "Install now" and will not continue without user intervention.

We use PDQ Inventory and Deploy in our environment, so I figured I could probably send a command to these computers to force the install. Turns out this is a lot more difficult than it seemed at first. Google search suggests using wuauclt and usoclient, but these commands don't seem to do anything. Further research suggests that these commands have been deprecated in the latest Windows 10 versions. I then tried various PowerShell modules and WMIC commands and nothing worked. I think one reason is that Windows 10 computers in a regular enterprise environment expect to be shutdown and awakened regularly for updates. Unfortunately a lot of my computers have to be operational 24-hours without a fixed downtime, and then some computers are laptop computers that don't want to be awakened at night.

Turns out there's a really simple solution to all this. PDQ Deploy has built-in packages for Windows Updates. Applying the Windows Update package seemingly does nothing, but at the next reboot, the pending updates get installed automatically without user intervention, then users simply need to choose the update option next time they shutdown or restart. I looked in the PDQ Deploy package and all it does is stop the Windows Update service, install the latest servicing stack update, install the cumulative update, then restart the Windows Update service. Magic!

No comments: