The “correct” Reboot Action will vary based on your users and business requirements
Reboot Immediately after Update: Machine is rebooted without warning
Reboot every day at 12:00am after install: will reboot on the selected day and time without warning, but will only occur if a patch installation cycle has run
Warn the user: A notification is displayed on endpoint indicating a reboot will occur in the defined number of minutes. The user cannot dismiss this reboot.
Skip reboot if user logged in: If the VSA detects a user is logged into the endpoint, the endpoint will not be rebooted. Patches will remain in pending until the endpoint is rebooted and a post-reboot scan runs.
If user is logged in, ask every x minutes: If no user is logged in, the endpoint will be rebooted immediately. If a user is logged in, a reboot nag will appear on the screen at the defined interval. The user can opt to “Continue Working” or “Reboot Now”. The nag will continue until a reboot and rescan occur.
If user is logged in, ask; Reboot if no response: A reboot will occur if no user is logged in. If a user is logged in, a notification will appear. If the user does not respond within the defined number of minutes, the reboot will occur without further warning.
If user is logged in, ask; Do Nothing: Same action as above, but no reboot will occur if the user does not respond to the notification. Patches will remain in Pending until a reboot and rescan occurs.
Do Not Reboot: The endpoint will not be rebooted. A preliminary rescan will run. If all patches previously scheduled for install are no longer listed as Missing by the preliminary WUA rescan, the pending flag will be cleared and the "Reboot Now" button will not present on the Patch Status page. If any of the scheduled patches are still found to be missing, patches will remain in pending until a reboot occurs and a "Reboot Now" button will present on the Patch Status page. You can optionally generate an email to notify an admin that the machine requires a reboot. Note that the email will send regardless of whether the rescan is able to clear the pending flag.
- All installation processes except Initial Update honor Reboot Action settings.
- Initial Update will reboot without warning and as often as necessary to install all Missing Approved patches. Use only for non-production machines.
- In 6.0 and later, the dynamic patch installation scripts are generated immediately before the cycle begins. 5.x scripts generate at midnight the day of scheduled install. If the reboot action is changed after the scripts are generated, the reboot for the scheduled cycle will the settings in place at the time the scripts were generated. The new reboot action will be honored for the next install cycle.
- The next install cycle will be skipped if the previous cycle does not complete – this includes the reboot and rescan.
- A manual reboot of an endpoint (either using the “Reboot” agent procedure OR Start > Restart does not complete the cycle. A Patch Reboot (by Reboot Action or clicking “Reboot Now” on the Patch Status page) schedules an immediate rescan. If a machine is rebooted manually, run a Machine Scan on the endpoint to clear the Reboot Needed flag and to stop reboot nag notifications for the end user.