I'm running into problems with my servers (2008 R2) rebooting due to updates being applied and I can't figure out how/why the updates are installed. I have a GP that specify that my servers should only notify me when updates are available, yet it's being downloaded and installed automatically. I verify with gpresults and Group Policy Results wizard that there are no other GP settings that are overiding my updates settings. I even check the update settings on the server itself and it reads notify to download and notify to install. I tried setting the policy not to reboot when users are logged on and the servers always have a user logged on, yet it reboots anyways. It's getting to be a problem now as we're a 24/7 operation and we have several servers doing this.

Please check if you have AD replication problems (use Dcdiag.exe). You can try to use Auto download and schedule the install to schedule the install of your updates. For more information, have a look to this Microsoft article. Another solution is to disable Windows Updates. Once you want to install updates, then enable Windows Updates and install them. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

Intially, it was set to Auto Download and Notify for Install, but updates kept getting installed and the servers were being rebooted so I changed it to Notify for Download and Notify to Install. However, that didn't help the situation as updates are still being downloaded/installed and servers are still being rebooted. Ran Dcdiag and here's the result Directory Server Diagnosis Performing initial setup: Trying to find home server... Home Server = EXAMPLE-2008SVR-01 * Identified AD Forest. Done gathering initial info. Doing initial required tests Testing server: Default-First-Site-Name\EXAMPLE-2008SVR-01 Starting test: Connectivity......................... EXAMPLE-2008SVR-01 passed test Connectivity Doing primary tests Testing server: Default-First-Site-Name\EXAMPLE-2008SVR-01 Starting test: Advertising......................... EXAMPLE-2008SVR-01 passed test Advertising Starting test: FrsEvent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems......................... EXAMPLE-2008SVR-01 passed test FrsEvent Starting test: DFSREvent......................... EXAMPLE-2008SVR-01 passed test DFSREvent Starting test: SysVolCheck......................... EXAMPLE-2008SVR-01 passed test SysVolCheck Starting test: KccEvent......................... EXAMPLE-2008SVR-01 passed test KccEvent Starting test: KnowsOfRoleHolders......................... EXAMPLE-2008SVR-01 passed test KnowsOfRoleHolders Starting test: MachineAccount......................... EXAMPLE-2008SVR-01 passed test MachineAccount Starting test: NCSecDesc......................... EXAMPLE-2008SVR-01 passed test NCSecDesc Starting test: NetLogons......................... EXAMPLE-2008SVR-01 passed test NetLogons Starting test: ObjectsReplicated......................... EXAMPLE-2008SVR-01 passed test ObjectsReplicated Starting test: Replications......................... EXAMPLE-2008SVR-01 passed test Replications Starting test: RidManager......................... EXAMPLE-2008SVR-01 passed test RidManager Starting test: Services......................... EXAMPLE-2008SVR-01 passed test Services Starting test: SystemLog......................... EXAMPLE-2008SVR-01 passed test SystemLog Starting test: VerifyReferences......................... EXAMPLE-2008SVR-01 passed test VerifyReferences Running partition tests on : ForestDnsZones Starting test: CheckSDRefDom......................... ForestDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation......................... ForestDnsZones passed test CrossRefValidation Running partition tests on : DomainDnsZones Starting test: CheckSDRefDom......................... DomainDnsZones passed test CheckSDRefDom Starting test: CrossRefValidation........................ DomainDnsZones passed test CrossRefValidation Running partition tests on : Schema Starting test: CheckSDRefDom......................... Schema passed test CheckSDRefDom Starting test: CrossRefValidation......................... Schema passed test CrossRefValidation Running partition tests on : Configuration Starting test: CheckSDRefDom......................... Configuration passed test CheckSDRefDom Starting test: CrossRefValidation......................... Configuration passed test CrossRefValidation Running partition tests on : Example Starting test: CheckSDRefDom......................... Example passed test CheckSDRefDom Starting test: CrossRefValidation......................... Example passed test CrossRefValidation Running enterprise tests on : Example.local Starting test: LocatorCheck......................... Example.local passed test LocatorCheck Starting test: Intersite......................... Example.local passed test Intersite

Starting test: FrsEvent There are warning or error events within the last 24 hours after the SYSVOL has been shared. Failing SYSVOL replication problems may cause Group Policy problems......................... EXAMPLE-2008SVR-01 passed test FrsEvent Please check logs in event viewer for possible errors. You may try the solutions I gave you previously. Notify for download and notify for install. This option notifies a logged-on administrative user prior to the download and prior to the installation of the updates. => There is no indication that it will not install updates at reboot. Auto download and notify for install. This option automatically begins downloading updates and then notifies a logged-on administrative user prior to installing the updates. =>The same thing. So, here it is speaking about notifications. So, it does not mean that it will prevent the install at the reboot. I think it will better to proceed like I mentioned previously. This posting is provided "AS IS" with no warranties or guarantees , and confers no rights. Microsoft Student Partner Microsoft Certified Professional Microsoft Certified Systems Administrator: Security Microsoft Certified Systems Engineer: Security Microsoft Certified Technology Specialist: Windows Server 2008 Active Directory, Configuration Microsoft Certified Technology Specialist: Windows Server 2008 Network Infrastructure, Configuration

Hi, Let’s fix the SYSVOL replication problems first to help narrow down the root cause of the issue. Please check the following link: Troubleshooting File Replication Service http://technet.microsoft.com/en-us/library/bb727056.aspx Did you see messages like Windows was restarted to get Windows Updates installed after logging on the system? I see that you have checked Windows Update setting on the problematic member server. Please also check the following registry settings on the problematic member server: HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU Please check whether the keys ScheduledInstallDay, AUOptions, ScheduledInstallTime, NoAutoUpdate have been updated correctly. If the issue persists, please help gather the following files for research: 1 FRS Event log on DC ---------------- 1. Click "Start", click “Run”, input "eventvwr" and press Enter. 2. Expand the "Applications and Services Logs" node on the left pane, right-click on "File Replication Service" and click "Save All Events As"; in the pop-up window, click to choose the Desktop icon on the left frame, input "FRS" in the "File name" blank, and then click save. 3. Locate the saved log on the Desktop and send it to us. 2 repadmin /showrepl dc* /verbose /all /intersite >c:\repl.txt 3 gpreport.html file on problematic member server ---------------------------------- Please logon to the problematic computer, launch Command Prompt as Administrator, run the following command: Gpresult /H gpreport.html Please send the resulting gpresult.html to us. Upload these file to the following workspace. ------------------------------------------------------------ You can upload the information files to the following link. (Please choose "Send Files to Microsoft") Workspace URL: (https://sftus.one.microsoft.com/choosetransfer.aspx?key=47b879fc-b30e-486b-9ebb-500bbaa630f6) Password: Z-g[3Blnw$llI Note: Due to differences in text formatting with various email clients, the workspace link above may appear to be broken. Please be sure to include all text between '(' and ')' when typing or copying the workspace link into your browser. Meanwhile, please note that files uploaded for more than 72 hours will be deleted automatically. Please ensure to notify me timely after you have uploaded the files. Thank you for your understanding. Thanks. NinaPlease remember to click Mark as Answer on the post that helps you, and to click Unmark as Answer if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.