Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
8,394 questions
Windows Update Azure VM Windows Server 2016
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(204.8, 74%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EJF%3C/text%3E%3C/svg%3E)
Joseph Fitzgerald
25
Reputation points
Even when setting local group policy to Ask to Download and Ask to Install after downloading the patches are auto installed. I want to ensure that ask to download and ask to install our 2 separate functions. This will help by scheduling time for download and scheduling time to install at separate times. These are on business critical Producttion Azure VMs. I have set the local group policy to the above and ensure there is not overriding Domain Group Policies.
{count} votes
-
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(230.39999999999998, 86%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EAK%3C/text%3E%3C/svg%3E)
Akshay kumar Mandha 2,665 Reputation points Microsoft Vendor2025-02-18T21:42:56.7033333+00:00 Hi Joseph Fitzgerald,
Welcome to the Microsoft Q&A Platform! Thank you for reaching out with your question.
I understand that you are experiencing an issue where patches are automatically installing after being downloaded.To address this, please ensure that the policy is correctly applied on your VM. You need to set it to "2 - Notify before downloading and installing any updates".
Image for your reference
This setting will require you to manually approve both the download and the installation of updates, giving you full control over the process.
For detailed instructions on configuring and saving this policy, please refer to the document. Patching using group policy on Azure Update Manager
If you have any further questions or need additional assistance, feel free to reach out. I'm always here to help!
If you found this informative, could you please click an answer and upvote it -
Akshay kumar Mandha 2,665 Reputation points Microsoft Vendor
2025-02-19T17:18:58.5866667+00:00 Hi Joseph Fitzgerald,
Just checking in to see on my previous solution if you have any further questions. If you need additional assistance, feel free to tag me in a comment I’ll be happy to help! -
Joseph Fitzgerald 25 Reputation points
2025-02-19T17:22:49.9966667+00:00 I have the setting as auto download and notify to install. Yet when I select install now, the next option goes to downloading updates. I want the updates to already be downloaded to where the ask to install is to install, not download.
-
Joseph Fitzgerald 25 Reputation points
2025-02-19T18:50:48.8933333+00:00 Hi @Akshay kumar Mandha Update settings are set to auto download but notify to install. The only way I can get this to apply is through 2 restarts. Are you awrare of how to ensure this setting is applied without restarts?
-
Akshay kumar Mandha 2,665 Reputation points Microsoft Vendor
2025-02-19T18:59:19.4966667+00:00 Hi Joseph Fitzgerald,
Thank you for reaching out. Based on the information provided, it appears that while you have selected 3rd option auto download and notify to install, the issue might persist due to the automatic maintenance feature being enabled. This feature could be overriding your policy and installing the downloaded updates without manual intervention.Could please refer to the image below for guidance. Disabling this feature can ensure that updates are not installed automatically.
Additionally, when creating your VM, ensure that the update settings are configured to manual updates rather than automatic OS updates. This setting might also be causing the policy override issue.
Image for your reference
For further details, refer to the provided documentation.
If you have more inquiries or require more assistance, please mention me in a comment. I'm happy to help you out!
-
Joseph Fitzgerald 25 Reputation points
2025-02-19T20:00:14.42+00:00 The issue I am reporting are on already created VMs so Creation of VM section is not applicable. I have also tried to complete the below. As well as gpupdate /force. So far nothing is working without a restart of the VM to apply changes. Any other ideas?
net stop gpsvc net start gpsvc -
Joseph Fitzgerald 25 Reputation points
2025-02-19T20:08:05.1733333+00:00 Hello @Akshay kumar Mandha
I change unchecked the box in the first screenshot.
The second screenshot and information would not be viable as these are VMs built in 2020 so configuring update settings to manual does not work.I have completed gpupdates and tried to stop and start the GP service. A restart of the VM to apply updates would not be a great solution for this infrastructure. Do you have any other ideas?
-
Joseph Fitzgerald 25 Reputation points
2025-02-19T21:14:43.0266667+00:00 I have completed process now on 2 different VMs with 2 grafceful restarts to apply settings change to below, which then auto download updates and then let me choose when to install. The problem is these VMs do not have have large data disks associated with them so the restarts for all within a couple minutes. The Production VMs have 1-4 TB of data disks so the restarts will take a long period of time. I would really like to find a way to eliminate restarts for these settings to apply.
-
Akshay kumar Mandha 2,665 Reputation points Microsoft Vendor
2025-02-19T22:51:58.98+00:00 Hi Joseph Fitzgerald,
After applying the changes, does the system prompt you to restart the VM, or you are only saying the restart the only way to apply the updates effectively?
Because for service start and stop won't need restart until it prompts
could you please confirm on this?
Sign in to comment
Sign in to answer