Windows 2016 updates and Active Hours

windows-update windows-server-2016

Solution 1:

Well, after over an year and some Windows 2016 installation, I can answer to my own question. The answer below may be incorrect in some aspects, as Microsoft is not too keen on details regarding Active Hours; still, it's my best understanding of how it works. Comparison to the well-know Win7/Win2008R2 update approach is done as needed.

SHORT ANSWER: after enabling automatic updates with sconfig, enable the GPO "Always automatically restart at the scheduled time" to simply ignore "Active Hours" and revert to the classic (read: Win7/Win2008R2) update and reboot behavior. Leave other relevant GPOs (as "ScheduledInstallTime") at their default settings.

LONG STORY: Win7 and Win2008R2 have a simple upgrade schedule: by default, updates are installed at 03:00 and, if needed, the machine rebooted. If the machine is off at the scheduled install time, updates are installed at the first possibility but the reboot is postponed and left out at user's convenience.

This approach of postponed reboot was deemed suboptimal for the Windows as a Service model of Windows 10 which, unfortunately, impacted Windows 2016 as well. To avoid a single, easily missed schedule (03:00) for reboot, Win10 and Win2016 have the concept of "Active Hours" - hours in which the server is actively used and should not be rebooted. Hours which are not in the range (let's call them "Inactive Hours") are considered "idle". This means that outside of "Active Hours" the server can be rebooted.

However, "Active Hours" can be configured to be 12 hours long at maximum (note: latest build of Win10 changed that) and, to prevent accidental reboot, Microsoft added some generic heuristic to avoid rebooting the server when it is used outside of "Active Hours". For example, it seems the heuristic detects if users are logged on, if users have unsaved work, if shares are being accessed, ecc. This means that servers which are actively used (ie: Domain Controllers, server with logged Terminal Service users, etc.) will not be rebooted.

But there is more: as even active servers must be rebooted sooner or later, an additional timer assures that the machine is restarted (outside of "Active Hours") 7 days later even if the server is busy (note: the 7-days periods is configurable via GPO). This probably is the cause of the multitude of "my Win2016 rebooted unexpectedly" posts you can found via Google.

Adding the extremely slow Windows 2016 update process and the above confusion with "Active Hours", my humble opinion is that Microsoft really messed up the Windows Update process. It seems Windows 2019 is better in this regard, but considering how easy (and fast) is updating on any server-grade Linux distro I really wonder on how can Microsoft do these kind of mess.

To put an end to this insanity, the GPO "Always automatically restart at the scheduled time" can be used: it will basically disable the new "Active Hours" behavior, returning to a much more obvious (and manageable) "reboot your server after updates that require it" behavior.

Related

How to transfer user accounts to a new Linux machine?
Unknown Database when trying to connect to an AWS RDS instance
Advanced routing with firewall marks and `rp_filter`
How to increase MTU size on Linux 2.6?
Add a local application to syslog excluded from /var/log/messages
Nginx with HTTP2 enabled downloads everything
When is swap moved back to physical memory?
Email dkim=temperror (no key for signature)
How do I transfer an SSL certificate from an Apache server to an NGINX server
Does spring @Scheduled annotated methods runs on different threads?
Sound file will not play using playsound module python error 259
Are C programs compiled with MSVC JIT or AOT?