I'm trying to figure out the best way to manage Windows updates for kiosk PCs or similar setups that need to run continuously without interruptions. Group Policy hasn't been giving reliable results, so I'm considering using PowerShell for scheduled updates. Can anyone share their strategies for handling Windows patching and Defender updates for machines that need to stay operational for long periods?
5 Answers
You could just automate updates after business hours. This way, the kiosks can be updated without interfering with their uptime during working hours.
Make sure to address why these PCs shouldn't be treated like standard machines. If they need to run 24/7, that definitely changes the update strategy.
Honestly, every PC should just be set to update automatically on a regular schedule, regardless of whether there's a specific user attached to it.
Using Intune's update rings is a solid option. You can set it up to manage updates according to your preferences and dynamically group the systems based on their attributes or hostnames.
I recommend looking into Autopatch along with scheduling weekly reboots. Autopatch is available for all Intune license plans now, and it should keep your systems updated fairly smoothly.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures