Installation and Patching

How can we improve the installation and patching of Windows Server?

(thinking…)

Enter your idea and we'll search to see if someone has already suggested it.

If a similar idea already exists, you can support and comment on it.

If it doesn't exist, you can post your idea so others can support it.

Enter your idea and we'll search to see if someone has already suggested it.

  • Hot ideas
  • Top ideas
  • New ideas
  • My feedback
  1. Please provide full information what is fixed in cumulative updates

    Please provide full information what is fixed in cumulative updates. What kind of information is this:

    https://support.microsoft.com/en-us/help/4038782
    Security updates to Microsoft Graphics Component, Windows kernel-mode drivers, Windows shell, Microsoft Uniscribe, Microsoft Edge, Windows scripting, Device Guard, Windows TPM, Internet Explorer, Microsoft Scripting Engine, Windows Hyper-V, Windows kernel, and the Windows DHCP Server.

    We need proper description of fixes for an OS we pay licenses.

    27 votes
    Sign in
    Check!
    (thinking…)
    Reset
    or sign in with
    • facebook
    • google
      Password icon
      I agree to the terms of service
      Signed in as (Sign out)

      We’ll send you updates on this idea

      0 comments  ·  Windows Update  ·  Flag idea as inappropriate…  ·  Admin →
    • FIX the Windows Update Log issues with Windows 10 and Server 2016

      Include al necessary symbol files and updates to base OS and current updates. Many environments do not allow server access (and in some instances workstation access) to the internet to update symbol files as needed. I have tried every posted articles suggestions on getting the windows update log into useful, understandable English, with the only success being to reimage my windows 10 Enterprise desktop. I refuse to do so with my domain 2016 servers!

      10 votes
      Sign in
      Check!
      (thinking…)
      Reset
      or sign in with
      • facebook
      • google
        Password icon
        I agree to the terms of service
        Signed in as (Sign out)

        We’ll send you updates on this idea

        0 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
      • installation of kb4038777 on 2008 R2 domain controllers causes LDAP to break for certain applications.

        after much troubleshooting this morning, we were forced to uninstall kb4038777 on our 2008 r2 domain controllers and restart them. it appears LDAP authentication is failing over port 389 for a handful of our applications, as well as our production mailarchiva instance.

        was curious if anyone else had seen / experienced similar.

        1 vote
        Sign in
        Check!
        (thinking…)
        Reset
        or sign in with
        • facebook
        • google
          Password icon
          I agree to the terms of service
          Signed in as (Sign out)

          We’ll send you updates on this idea

          1 comment  ·  Patch Behaviors  ·  Flag idea as inappropriate…  ·  Admin →
        • URGENT: Seperate Category for Preview Update Rollups needed!

          Actually it is not really possible to use automatic acknowledgement rules without acknowledgeing any Preview security or preview feature upates for Windows 7, 8.1 etc.

          Please put them a seperate WSUS Category e.g. preview rollups so that an effective testing can be made with rulesets and a test group of computers.

          11 votes
          Sign in
          Check!
          (thinking…)
          Reset
          or sign in with
          • facebook
          • google
            Password icon
            I agree to the terms of service
            Signed in as (Sign out)

            We’ll send you updates on this idea

            5 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
          • KB4035036 - .NET Preview August 2017 for .NET 4.6.1 installs .NET 4.7 DLLs

            Hi All,

            it looks like that ndp46-kb4033990-x64 one of the Updates included in
            KB4035036-August 2017 Preview of the Quality Rollups for the .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, and 4.7 for Windows 7 SP1 and Windows Server 2008 R2 SP1 (https://support.microsoft.com/kb/4035036)

            patches the wrong .NET 4.6.1 DLLs on a Windows 2008 R2 Server.

            Registry sill says .NET 4.6.1 (394271) is installed, but

            the new patched files have a signature from 4.7.
            For e.g: mscorlib.dll has after the patch 4.7.2106.0.

            There a some third-party products, that have problems with .NET 4.7, like OpenEdge Progress.(https://knowledgebase.progress.com/articles/Article/gui-net-application-crashes-after-net-upgrade-to-4-7).

            And after…

            1 vote
            Sign in
            Check!
            (thinking…)
            Reset
            or sign in with
            • facebook
            • google
              Password icon
              I agree to the terms of service
              Signed in as (Sign out)

              We’ll send you updates on this idea

              1 comment  ·  Patch Behaviors  ·  Flag idea as inappropriate…  ·  Admin →
            • Show more detail when installing updates during shutdown/reboot

              Installing a Windows Server 2016 cumulative update (e.g. after setting up a new server) can take pretty long. After a few minutes, the unchanging message "Getting Windows ready / Don't turn off your computer", despite its looping dots, stops inspiring confidence that progress is being made.

              Monitoring %windir%\Logs\CBS\CBS.log helps slightly, at least until "CommitPackagesState: Started persisting state of packages".

              I would therefore request that
              * on Windows Server, and optionally on Windows 10 as a configurable option, the "Getting Windows ready" screen shows additional detail, similar to the output in CBS.log (e.g. "processing package 1564/7144 for KB4025339")
              * if possible,…

              3 votes
              Sign in
              Check!
              (thinking…)
              Reset
              or sign in with
              • facebook
              • google
                Password icon
                I agree to the terms of service
                Signed in as (Sign out)

                We’ll send you updates on this idea

                0 comments  ·  Patch Behaviors  ·  Flag idea as inappropriate…  ·  Admin →
              • NoAutoRebootWithLoggedOffUsers - Windows Server OS

                Considering the server availability, we administrators are not getting downtime as we desired. So, Microsoft should give the support for server OS to prevent the reboot the server in logged-off mode after windows update installation. I have a suggestion that I'm giving below. If it is possible, it is very helpful to the world of Windows administrators. Add the registry value in server at least in all available server operating systems

                [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU]

                "NoAutoRebootWithLoggedOffUsers"=dword:00000001

                5 votes
                Sign in
                Check!
                (thinking…)
                Reset
                or sign in with
                • facebook
                • google
                  Password icon
                  I agree to the terms of service
                  Signed in as (Sign out)

                  We’ll send you updates on this idea

                  2 comments  ·  Windows Update  ·  Flag idea as inappropriate…  ·  Admin →
                • Separate Windows 10 by branch / version

                  Actually Windows 10 on WSUS is only reflected by a major product category and LTSB.

                  It would be much better if you could add a product category for each branch / release:

                  such as:
                  Windows 10 1507 (LTSB 2015)
                  Windows 10 1511
                  Windows 10 1607 (LTSB 2016, CBB)
                  Windows 10 1703 (CB)

                  This would allow companies with a good patch management to effectively avoid downloading CU patches for Windows 10 that they do not use and also would help to categorize updates in the views.

                  6 votes
                  Sign in
                  Check!
                  (thinking…)
                  Reset
                  or sign in with
                  • facebook
                  • google
                    Password icon
                    I agree to the terms of service
                    Signed in as (Sign out)

                    We’ll send you updates on this idea

                    1 comment  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                  • KB3213986 Causes Logon Failures When Starting BITS Service - Please fix

                    After installing update KB3213986 on Server 2016 Desktop Experience, a failed logon is logged every time the BITS service is started.

                    Failed Logon Event:
                    Log Name: Security
                    Source: Microsoft-Windows-Security-Auditing
                    Date: 2/27/2017 1:27:10 PM
                    Event ID: 4625
                    Task Category: Logon
                    Level: Information
                    Keywords: Audit Failure
                    User: N/A
                    Computer: PLB-DXX-TP01.dev-products.local
                    Description:
                    An account failed to log on.

                    Subject:
                    Security ID: SYSTEM
                    Account Name: PLB-DXX-TP01$
                    Account Domain: DEV-PRODUCTS
                    Logon ID: 0x3E7

                    Logon Type: 5

                    Account For Which Logon Failed:
                    Security ID: NULL SID
                    Account Name: -
                    Account Domain: -

                    Failure Information:
                    Failure Reason: An Error occured during Logon.
                    Status: 0xC0000073
                    Sub Status: 0xC0000073

                    27 votes
                    Sign in
                    Check!
                    (thinking…)
                    Reset
                    or sign in with
                    • facebook
                    • google
                      Password icon
                      I agree to the terms of service
                      Signed in as (Sign out)

                      We’ll send you updates on this idea

                      13 comments  ·  Patch Behaviors  ·  Flag idea as inappropriate…  ·  Admin →
                    • Support WsusContent folder dedup in Server OS.

                      It sure would be nice if the WsusContent folder would work with the dedup in Server OS. With Express Updates enabled for Windows 10 deltas this folder grows and grows. Performing a few test cases dedup saves 50% or more however it breaks WSUS.

                      3 votes
                      Sign in
                      Check!
                      (thinking…)
                      Reset
                      or sign in with
                      • facebook
                      • google
                        Password icon
                        I agree to the terms of service
                        Signed in as (Sign out)

                        We’ll send you updates on this idea

                        0 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                      • KB4015553 on Windows Server 2012 R2 with SQL 2008 R2 creates System Kernel Process Handle/Thread Leak

                        KB4015553 on a Windows Server 21012 R2 with SQL 2008 R2 creates a System Kernel Process Handle/Thread Leak. It is easy to see in the Task Manager after adding the Handle/Thread count columns. The counts increase nearly 1 per second until the OS and system is unresponsive and collapses.

                        Another indicator is in the event logs, 4231 events appear: Description:
                        A request to allocate an ephemeral port number from the global TCP
                        port space has failed due to all such ports being in use.

                        But the ephemeral port alert is not the root cause.

                        7 votes
                        Sign in
                        Check!
                        (thinking…)
                        Reset
                        or sign in with
                        • facebook
                        • google
                          Password icon
                          I agree to the terms of service
                          Signed in as (Sign out)

                          We’ll send you updates on this idea

                          4 comments  ·  Patch Behaviors  ·  Flag idea as inappropriate…  ·  Admin →
                        • Please implement effective filtering options in Microsoft Update Catalog Search

                          I am missing to have more options than just a very common keyword search in Microsoft Update Catalog.

                          setting up filters like OS version, branch, x86 / x64 and update categories AND date equal / greater than would be amazingly helpful to find a specific group of updates.

                          Admit it, the current search is not very helpful if you are NOT searching for a specific KB but a set of updates.

                          E.g. try to enlist all Windows 2003 Server Updates released after January 2017. Good luck, trying.

                          1 vote
                          Sign in
                          Check!
                          (thinking…)
                          Reset
                          or sign in with
                          • facebook
                          • google
                            Password icon
                            I agree to the terms of service
                            Signed in as (Sign out)

                            We’ll send you updates on this idea

                            1 comment  ·  Windows Update  ·  Flag idea as inappropriate…  ·  Admin →
                          • Implement WID reindexing and DB shrinking for WSUS on WID

                            There exist a technet site with a maintenance SQL script to reindex the WID for WSUS 3.x, it would be great if you could implement this into the GUI, aside having a capability to backup and restore, aswell as shrinking the WID database.

                            4 votes
                            Sign in
                            Check!
                            (thinking…)
                            Reset
                            or sign in with
                            • facebook
                            • google
                              Password icon
                              I agree to the terms of service
                              Signed in as (Sign out)

                              We’ll send you updates on this idea

                              0 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                            • Implement complete removal of unsused products in WSUS 3.x

                              Please implement an ability to really get rid off unused products in WSUS 3.x

                              Example:
                              A company once used XP and 7 and now upgraded to Windows 10. However it is not possible to really purge old products from the WSUS database.

                              The Update files can be removed using the cleanup wizard, but the entries in the MSSQL DB will remain.

                              Especially if one has once used the older drivers category that has been reorganized for Windows 10, this causes a lot of performance issues and only a fresh WSUS without adding old products and categories will help.

                              This is…

                              2 votes
                              Sign in
                              Check!
                              (thinking…)
                              Reset
                              or sign in with
                              • facebook
                              • google
                                Password icon
                                I agree to the terms of service
                                Signed in as (Sign out)

                                We’ll send you updates on this idea

                                1 comment  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                              • Add Windows Update Group Policy Feature to allow clients to download approved updates directly from Microsoft

                                I have a local WSUS server, it stores all my updates for my local users, I approve the updates and everything is great. At the same time I have bunch of remote offices that have faster WAN connections than VPN/MPLS.

                                I can setup a second WSUS server, point it at my upstream server at HQ and tell it to not store the updates. All clients connecting to this server will fetch updates from Microsoft.

                                Why not make this a simple binary GPO overwrite instead of adding the complexity?

                                Force client to fetch windows update binaries from Microsoft

                                2 votes
                                Sign in
                                Check!
                                (thinking…)
                                Reset
                                or sign in with
                                • facebook
                                • google
                                  Password icon
                                  I agree to the terms of service
                                  Signed in as (Sign out)

                                  We’ll send you updates on this idea

                                  0 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                                • Implement GUI and easier XML rule creation for USMT (Windows 10 ADK)

                                  It is cool to see that ADK will be updated with every new Windows 10 release but USMT seems to complicated for new admins.

                                  Please implement a GUI and a visual creation for the XML files to control this service.

                                  I personally don't want to study a book to make it work right.

                                  1 vote
                                  Sign in
                                  Check!
                                  (thinking…)
                                  Reset
                                  or sign in with
                                  • facebook
                                  • google
                                    Password icon
                                    I agree to the terms of service
                                    Signed in as (Sign out)

                                    We’ll send you updates on this idea

                                    0 comments  ·  Deployment & Installation  ·  Flag idea as inappropriate…  ·  Admin →
                                  • BUG: Cleaning up WID for WSUS on Windows 2008 R2 causes DB timeouts

                                    this is a known bug but I think rather than reindexing and cleaning up the WSUS DB with a SQL script you could fix this programmatically.

                                    The issue is know an happens during the first stage of the wizard when cleaning up old updates.

                                    1 vote
                                    Sign in
                                    Check!
                                    (thinking…)
                                    Reset
                                    or sign in with
                                    • facebook
                                    • google
                                      Password icon
                                      I agree to the terms of service
                                      Signed in as (Sign out)

                                      We’ll send you updates on this idea

                                      0 comments  ·  WSUS  ·  Flag idea as inappropriate…  ·  Admin →
                                    • Increase Active Hours from 12 hours to 22 hours

                                      The current 12 hour window for "Active Hours" needs to be longer so the updates/reboots can happen in the middle of the night.

                                      8 votes
                                      Sign in
                                      Check!
                                      (thinking…)
                                      Reset
                                      or sign in with
                                      • facebook
                                      • google
                                        Password icon
                                        I agree to the terms of service
                                        Signed in as (Sign out)

                                        We’ll send you updates on this idea

                                        2 comments  ·  Patch Management  ·  Flag idea as inappropriate…  ·  Admin →
                                      • 1 vote
                                        Sign in
                                        Check!
                                        (thinking…)
                                        Reset
                                        or sign in with
                                        • facebook
                                        • google
                                          Password icon
                                          I agree to the terms of service
                                          Signed in as (Sign out)

                                          We’ll send you updates on this idea

                                          1 comment  ·  Windows Update  ·  Flag idea as inappropriate…  ·  Admin →
                                        • Change update behavior on Windows Server 2016

                                          In server 2016 when downloading an update it also installs the same time (no option to only download), then the 12hour window begins, when this is over and time is outside worktimeframe (which is a somehow strange setting for a server) the server automatically reboots.

                                          The same when I install something microsoft related during workhours which normaly has no effect on user experience, but if setup installs also a patch then the reboot countdown also starts.

                                          Please change back to the old behavior where downloading updates and installing them where different tasks and also rebooting had to be user initiated.

                                          4 votes
                                          Sign in
                                          Check!
                                          (thinking…)
                                          Reset
                                          or sign in with
                                          • facebook
                                          • google
                                            Password icon
                                            I agree to the terms of service
                                            Signed in as (Sign out)

                                            We’ll send you updates on this idea

                                            0 comments  ·  Windows Update  ·  Flag idea as inappropriate…  ·  Admin →
                                          ← Previous 1 3 4
                                          • Don't see your idea?

                                          Feedback and Knowledge Base