Does anyone have any best practices for patch deployment when the only avaialble time that patches are going to be allowed is Saturday Evening through Monday Morning? I've tried using policies that do not prompt users or reboots however the microsoft updates trigger the windows update service to prompt the user for a reboot. We cannot use autofix for the same reason. However when I try just deploying patches on a weekend, I get about a 50% sucess rate, mostly due to pc's being off or asleep (despite our requesting users to not power off their pc's, and a lot of our equipment is older and doesn't support wake on lan). So a fairly large group are mostly caught up but some are lagging behind getting patches and management doesn't seem to understand that by using only a brief window the sucess rate isn't going to be 100%.
↧