Windows 10 update reboots computer while user is logged in despite group policy setting

Ran into an issue the other night where my computer rebooted on its own after I installed some updates. I have the group policy enabled that I believe is supposed to prevent auto-restarts after patching when users are logged in. It looks like Windows still schedules a reboot anyways. 

Anyone know why this would happen and how to prevent it in the future? Thanks!

I

 

Question Info


Last updated November 9, 2018 Views 3,155 Applies to:

Hi,

Thank you for posting in Microsoft Community.

I understand your concern and frustration you have been through. I will be glad to assist you.

1. Is your computer connected to domain or sever network?

 

After Windows updates are installed PC will restart automatically. This is to do the changes in PC after updates are installed and restart is mandatory. However you can schedule the restart of your computer by following the Steps below.

Type Windows update Setting on Search.
1. Click on Advance options.
2. Under Choose how updates are installed.
3. Choose Notify to Schedule restart.

By this you can avoid unexpected restart of PC when new updates are installed.

Note: Before scheduling restart please save all your work and setting.

Hope this information is helpful. Please get back to us with the information required, if you need further assistance, we’ll be glad to assist you.

Thanks

Pavan N

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Hi Pavan,

Thank you very much for the response, suggestions and assistance!

Regarding your question, the computer is not on a domain or part of a server network. I'm an IT professional by trade and I added the settings to my local group policy to prevent upgrades and automatic installation/restarts. In addition to the No auto-restart policy I also have the policy for Configure Automatic Updates set to 3 - Auto download and notify for install. The latter group policy is working as desired. 

In reference to your suggestion, I initially was using the Notify to Schedule Restart option however there are two problems with using this.

1. The notification automatically schedules a restart and only gives you the option to change the schedule. This still can result in unexpected reboots because you could be notified for instance at 9 pm that your computer will reboot at 3 am and if you don't see the notification you can't prevent it.

2. The possibly more troublesome issue is that Microsoft has released some patches that caused instability or even outages including System Firmware Update 1/19/2016 for the SP3 that caused BSODs due to it initially installing SP4 pen drivers. Since firmware updates are rarely security related, I always check to see if others have run into issues before installing, which is what I did with this update. Thankfully my computer wasn't set to "Notify to Schedule Restart" so it wasn't automatically installed. The issue has since been resolved and I have installed the update, but had I been using the recommend option I would have had a broken computer.

Ideally I would like WU to work as it did in all previous version of Windows. I would like the option to be notified to install patches, the option to select which patches to install, and the option to choose when a reboot will be performed. While I understand that this may not be desirable for the majority of home users, I am using the professional version of Windows 10 so I would hope that the needs of business users would be taken into account as well. 

I've included a couple of screenshots showing the settings that I have configured for reference.

4 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Dear Microsoft.

I too would like an answer to this question.  It does indeed seem that W10 is ignoring WU Group Policy settings regardless of whether it is set via Domain membership or Local GP (Not that it matters).

Please take the OP's request seriously, I am looking forward to an response to KzooSteve's request.

Thank you

4 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Hi,

Thank you for update and reply.

I would like to inform you that in Windows 10 updates are installed automatically. There is no way you can schedule an update, choose which update you want to install. Also when you go to Windows update in settings it’s clearly mentioned that available updates are downloaded and installed automatically. It by design of Windows 10.

Further if some features or options are not available due to design then you may want to leave a feedback on the Feedback App.

Type Feedback on search and follow onscreen instruction.

Hope this information is helpful. Please do let us know if you need further assistance, we’ll be glad to assist you.

Thanks

 
Pavan N

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Pavan,

Windows 10 updates are only installed automatically if the settings are left default. As I mentioned, my system group policy is set to notify me if there are updates and allow me to choose to install them when/if I desire. I know this works because I receive daily notifications that there are updates available to install because I currently use Windows Defender. The issue I presented isn't related to automatic installation of updates, it's related to Windows 10 ignoring group policies that are supposed to prevent reboots of the system while users are logged in. 

If group policies are indeed ignored by design in Windows 10 please let me know. I'm a Consulting Architect responsible for guiding my clients technology roadmaps so I'd very much like to know if I should be telling my clients (and colleagues) to steer clear of Windows 10.

Lastly, while I understand that there isn't this option, there should be the option to not install certain updates. I had to forgo Windows Defender updates for over a month because they were bunched together with the bad SP3 firmware update and it's all or nothing. I looked at the Feedback App you mentioned and don't see a category for Updates (there is one for every other category), so it doesn't appear Microsoft is looking for feedback on Windows Updates.

4 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Hi,

Thank you for update and reply.

I would suggest you to post your query on the TechNet Forum which would be better suited for the issue.
https://social.technet.microsoft.com/Forums/en-US/home?category=Windows10ITPro&filter=alltypes&sort=lastpostdesc

Hope this information is helpful. Please do let us know if you need further assistance, we’ll be glad to assist you.

Pavan N

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Having this issue as well.  Super frustrating.

Windows 10 is ignoring Group Policy and patching our computers on its own.  We have a centralized and controlled patch management solution that allows us to tell each PC what patches to install and when.  (Solarwinds)

Windows 10 seems to ignore the settings we apply in Group Policy.  It patches the computers and reboots automatically causing serious frustration from the end user as well as IT Administration.

This completely undermines our Patch Management solution and policy as we have no control over what patches are being applied. And obviously causing inconvenience to the end user as it randomly reboots their computer.

How can we stop this behavior in Windows 10 and make it act like all our other machines (Win 7 Pro 64bit)

This is the reason all corporate environments are so resistant to migrate to Windows 10.  Dear Microsoft: You can't disable IT Controls for an OS in a corporate controlled environment.  

 

Windows 10 Pro Version 10.0.10586 

GPO

-Computer Configuration | Policies | Administrative templates | Windows Components | Windows Update. Locate the Configure Automatic Updates and "Disable" it.
 
-Computer Configuration | Policies | Windows Settings | Security Settings | System Services. Locate Windows Update, it needs to be "Not Defined" or "Enabled"
 
-User Configuration | Policies | Administrative Templates | Windows Components | Windows Update and enable the setting Remove access to use all Windows Update features, and under Configure Notifications you want to choose 0 - Do not show any notifications

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Gday Joel,

The issue you describe is not exactly the same issue posted here.  Have a search for "Windows 10 updates ignore group policy".

To put it bluntly, there is nothing you can do.  Microsoft in their wisdom has decided to allow Windows 10 to totally ignore selected WU Group Policies.  This is not documented in GPMC or anywhere else "official" but that's about it.  Either you setup the new version of WSUS and have *some* control over patching or deploy SCCM.  That's all you can do really.

Cheers

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.

Open the registry and browse to HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

create a DWORD-value NoutoRebootWithLoggedOnUsers and set the value 1 in the registry key.

that will do the trick

cheers,

jim

2 people were helped by this reply

·

Did this solve your problem?

Sorry this didn't help.

Great! Thanks for marking this as the answer.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this response?

Thanks for your feedback.