I have just recently implemented maintenance windows, myself. I have to manually reboot maybe a dozen servers out of 100+ that are getting patched.
From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com] On Behalf Of Adam Juelich Sent: Friday, October 27, 2017 10:59 AM To: mssms@lists.myitforum.com Subject: Re: [mssms] RE: Patching & Reboot Servers I haven't seen that to be the case but maybe I'm not the norm? Really depends on your Maintenance Window and it's settings, as well as the settings you specify in your Deployments. On Fri, Oct 27, 2017 at 10:57 AM, Erno, Cynthia M (ITS) <cynthia.e...@its.ny.gov<mailto:cynthia.e...@its.ny.gov>> wrote: Brian, We’ve found sccm to be notoriously unreliable on forcing reboots after patching as well. Even when sccm clearly shows a reboot is needed. I don’t know if your company uses nessus or qualys or a similar product, but a simple scan would show you that your servers are not considered patched, most of the time, until your servers have rebooted. Cynthia Erno From: listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com> [mailto:listsad...@lists.myitforum.com<mailto:listsad...@lists.myitforum.com>] On Behalf Of Brian McDonald Sent: Friday, October 27, 2017 7:39 AM To: mssms@lists.myitforum.com<mailto:mssms@lists.myitforum.com> Subject: [mssms] Patching & Reboot Servers ATTENTION: This email came from an external source. Do not open attachments or click on links from unknown senders or unexpected emails. Good morning, We have been working extremely hard getting our patch compliance numbers up. We recently, for the first time, hit over 90% compliance for last month. A question came up recently about scheduling reboots on servers. I decided to run a last reboot / uptime report against all servers in the environment. I found a good handful of servers that had not removed since August. And several servers that has not removed since last month. One suggestion brought the table was to schedule an automated refill for the servers to help increase our paths one effort. Management is telling me they see no reason to schedule reboot as long as patching work. I am looking to justify this need. I’d be interested to hear what other folks would suggest would be legitimate reasons for scheduled reboots. Basically they are saying SCCM how do you must not be working if servers aren’t getting rebooted. I have, for example, found some servers don’t receive patches if there are disconnected user logged into the server. By bouncing the server, I was able to deploy patches no problem. Any other use cases samples to support this would be extremely helpful. I appreciate any help or suggestions with this. Thanks! Brian Sent from my iPhone