Particular kb asking reboot machine again and again

Question

Only One kb from last month patch cycle asking need to reboot again and again.

1.recreated wmi

2.updated policy actions from configuration manager.

3. Checked no auto reboot required key generated in registry.

4.stop required services like windows update,bits, cryptography and remanded software distribution folder and catroot 2 folder.

5. delete register.pol file .

6. Such kB showing installed in control panel and logs.

But still same issue related to only one kb .

Any idea for this issue

solved 0
Mohd Aamir 2020-05-28T22:24:45+05:30 8 Answers 426 views Beginner
0

Answers ( 8 )

  2. Vidya M A
    0
    2022-03-17T17:28:37+05:30
    Reply

    Hopefully, I am going to close this thread. Try to share the best method to help others in the community.

  4. Mohd Aamir
    0
    2020-05-29T18:48:01+05:30
    Reply

    Yes uninstall such patch and try to install but some 5 munites showing it is installed .user is on VPN so only one way for taking remote from software center so I can not stopped smsagent service.let me found out any other for taking remote

  6. Deepak Rai
    0
    2020-05-29T13:58:46+05:30
    Reply

    I am 100 % Confident there is reboot flag key not getting cleared after installing and rebooting.

    When you’re in on the console, you can notice a reboot is pending by some popup box or notification as shown below.

    From that notification, you can restart Windows and be done with it. But, what if you can’t immediately reboot a machine when it needs to? What if you’ve just installed updates on a production server and that server can’t be rebooted right now?

    Pending Reboot Flags are in the Registry

    A pending reboot is defined in many places. A Windows computer is pending a reboot if any of the conditions in this table are true.

    HKLM:\SOFTWARE\Microsoft\Updates UpdateExeVolatile Value is anything other than 0
    HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager PendingFileRenameOperations value exists
    HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager PendingFileRenameOperations2 value exists
    HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired NA key exists
    HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending NA Any GUID subkeys exist
    HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\PostRebootReporting NA key exists
    HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce DVDRebootSignal value exists
    HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending NA key exists
    HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootInProgress NA key exists
    HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackagesPending NA key exists
    HKLM:\SOFTWARE\Microsoft\ServerManager\CurrentRebootAttempts NA key exists
    HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon JoinDomain value exists
    HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon AvoidSpnSet value exists
    HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName ComputerName Value ComputerName in HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName is different
    If you have the Microsoft System Center Configuration Manager (SCCM) client installed, you may also see these methods in WMI.

    NAMESPACE CLASS PROPERTY VALUE PRODUCT NOTES
    ROOT\ccm\Client SDKCCM_ClientUtilities DetermineifRebootPending RebootPending SCCM ReturnValue needs to be 0 and this value is not null
    ROOT\ccm\Client SDKCCM_ClientUtilities DetermineifRebootPending IsHardRebootPending SCCM ReturnValue needs to be 0 and this value is not null
    Once you know each method to check for a pending reboot, there are many different ways to check registry values. You could open up regedit.exe and manually mouse through each registry key.

    Checking regedit manually
    Manually checking via the registry works but we’re human. What if you forget to check one registry path or just forget which ones to check? There’s a much better way to do this. You can create a script or function to do this for you. In my case, I prefer PowerShell so that’s what I’ll use.

    By using a PowerShell script, you can query one or all computers in our domain or manually provide the server names to see if they are pending a reboot. You can then make a decision to whether to reboot them then or make a list to reboot later. The choice is yours.

    To use my PowerShell method, you’ll need to ensure PowerShell Remoting is set up and available on your servers. You can check out my post on enabling PS Remoting remotely for more information on how to do that.

    Testing for a a Pending Reboot (The Easy Way)

    If you don’t want to learn how to check these registry keys and build a tool like this in PowerShell, I’ve made it easy for you. Simply open up your PowerShell console and type Install-Script Test-PendingReboot. Install-Script will download my PowerShell script from the PowerShell Gallery to C:\Program Files\WindowsPowerShell\Scripts. Then run the script as shown below.

    PS51> Test-PendingReboot.ps1 -ComputerName localhost

    ComputerName IsPendingReboot
    ———— —————
    localhost False
    Copy
    You can provide as many servers as you want via the ComputerName parameter. The script will return True or False along with the server name.

    This tool checks all of the registry keys in the above table for you.

    If you’d like to add conditions I’ve missed or correct any mistakes I’ve made, feel free to issue a pull request on GitHub to fix it.
    If you want to learn how to build a tool like this, read on!

    Building a Pending Reboot PowerShell Tool
    First, you’ll need to define all of the computers you’d like to test a reboot on. There are many different ways to do this but for this demonstration, I’ll define them manually via an array.

    $servers = ‘SRV1′,’SRV2′,’SRV3’
    Copy
    Now create a foreach loop to iterate over each of them.

    foreach ($srv in $servers) {

    }
    Copy
    Next, I recommend using PowerShell Remoting and checking each registry key and value condition inside of a single PSSession. Create a PSSession for every server.

    foreach ($srv in $servers) {
    $session = New-PSSession
    }
    Copy
    Once you have a PSSession created, you’ll then need to run the checks.

    Since you’ll be running many different checks using the same code such as:

    Testing if a registry key exists
    Testing if a registry value exists
    Testing if a registry value is not null
    I recommend creating simple functions for each of these checks. This allows you to call a function instead of duplicating code. The Test-PendingReboot script builds all of these helper functions into a single scriptblock as shown below.

    $scriptBlock = {
    function Test-RegistryKey {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key
    )

    $ErrorActionPreference = ‘Stop’

    if (Get-Item -Path $Key -ErrorAction Ignore) {
    $true
    }
    }

    function Test-RegistryValue {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key,

    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Value
    )

    $ErrorActionPreference = ‘Stop’

    if (Get-ItemProperty -Path $Key -Name $Value -ErrorAction Ignore) {
    $true
    }
    }

    function Test-RegistryValueNotNull {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key,

    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Value
    )

    $ErrorActionPreference = ‘Stop’

    if (($regVal = Get-ItemProperty -Path $Key -Name $Value -ErrorAction Ignore) -and $regVal.($Value)) {
    $true
    }
    }
    }
    Copy
    Inside of that same scriptblock, define each condition referencing the helper functions you just created.

    $tests = @(
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending’ }
    { Test-RegistryKey -Key ‘HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootInProgress’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired’ }
    { Test-RegistryKey -Key ‘HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackagesPending’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\PostRebootReporting’ }
    { Test-RegistryValueNotNull -Key ‘HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager’ -Value ‘PendingFileRenameOperations’ }
    { Test-RegistryValueNotNull -Key ‘HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager’ -Value ‘PendingFileRenameOperations2’ }
    { (Get-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Updates’ -Name ‘UpdateExeVolatile’ | Select-Object -ExpandProperty UpdateExeVolatile) -ne 0 }
    { Test-RegistryValue -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce’ -Value ‘DVDRebootSignal’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\ServerManager\CurrentRebootAttemps’ }
    { Test-RegistryValue -Key ‘HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon’ -Value ‘JoinDomain’ }
    { Test-RegistryValue -Key ‘HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon’ -Value ‘AvoidSpnSet’ }
    {
    (Get-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName’).ComputerName -ne
    (Get-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName’).ComputerName
    }
    {
    if (Get-ChildItem -Path ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending’) {
    $true
    }
    }
    )
    Copy
    You can now create a foreach loop inside of your $servers foreach loop that reads each test executes each test.

    foreach ($test in $tests) {
    if (& $test) {
    $true
    break
    }
    }
    Copy
    When you run the code, the script returns an output like this:

    ComputerName IsPendingReboot
    ———— —————
    Server1 False
    Server2 True
    You can create this output by ensuring the foreach loop returns a single object per server. You should know that if any of the registry values exist, then the server is pending a reboot. Knowing this, you then need to return True if any of the values exist and False if none of them exist.

    Wrap all of this up into a script and it should look like this (with some minor additions like Credential).

    [CmdletBinding()]
    param(
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string[]]$ComputerName,

    [Parameter()]
    [ValidateNotNullOrEmpty()]
    [pscredential]$Credential
    )

    $ErrorActionPreference = ‘Stop’

    $scriptBlock = {
    function Test-RegistryKey {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key
    )

    $ErrorActionPreference = ‘Stop’

    if (Get-Item -Path $Key -ErrorAction Ignore) {
    $true
    }
    }

    function Test-RegistryValue {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key,

    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Value
    )

    $ErrorActionPreference = ‘Stop’

    if (Get-ItemProperty -Path $Key -Name $Value -ErrorAction Ignore) {
    $true
    }
    }

    function Test-RegistryValueNotNull {
    [OutputType(‘bool’)]
    [CmdletBinding()]
    param
    (
    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Key,

    [Parameter(Mandatory)]
    [ValidateNotNullOrEmpty()]
    [string]$Value
    )

    $ErrorActionPreference = ‘Stop’

    if (($regVal = Get-ItemProperty -Path $Key -Name $Value -ErrorAction Ignore) -and $regVal.($Value)) {
    $true
    }
    }

    $tests = @(
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending’ }
    { Test-RegistryKey -Key ‘HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootInProgress’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired’ }
    { Test-RegistryKey -Key ‘HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\PackagesPending’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\PostRebootReporting’ }
    { Test-RegistryValueNotNull -Key ‘HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager’ -Value ‘PendingFileRenameOperations’ }
    { Test-RegistryValueNotNull -Key ‘HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager’ -Value ‘PendingFileRenameOperations2’ }
    { (Get-ItemProperty -Path ‘HKLM:\SOFTWARE\Microsoft\Updates’ -Name ‘UpdateExeVolatile’ | Select-Object -ExpandProperty UpdateExeVolatile) -ne 0 }
    { Test-RegistryValue -Key ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce’ -Value ‘DVDRebootSignal’ }
    { Test-RegistryKey -Key ‘HKLM:\SOFTWARE\Microsoft\ServerManager\CurrentRebootAttemps’ }
    { Test-RegistryValue -Key ‘HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon’ -Value ‘JoinDomain’ }
    { Test-RegistryValue -Key ‘HKLM:\SYSTEM\CurrentControlSet\Services\Netlogon’ -Value ‘AvoidSpnSet’ }
    {
    (Get-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ActiveComputerName’).ComputerName -ne
    (Get-ItemProperty -Path ‘HKLM:\SYSTEM\CurrentControlSet\Control\ComputerName\ComputerName’).ComputerName
    }
    {
    if (Get-ChildItem -Path ‘HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Services\Pending’) {
    $true
    }
    }
    )

    foreach ($test in $tests) {
    if (& $test) {
    $true
    break
    }
    }
    }

    foreach ($computer in $ComputerName) {
    try {
    $connParams = @{
    ‘ComputerName’ = $computer
    }
    if ($PSBoundParameters.ContainsKey(‘Credential’)) {
    $connParams.Credential = $Credential
    }

    $output = @{
    ComputerName = $computer
    IsPendingReboot = $false
    }

    $psRemotingSession = New-PSSession @connParams

    if (-not ($output.IsPendingReboot = Invoke-Command -Session $psRemotingSession -ScriptBlock $scriptBlock)) {
    $output.IsPendingReboot = $false
    }
    [pscustomobject]$output
    } catch {
    Write-Error -Message $_.Exception.Message
    } finally {
    $psRemotingSession | Remove-PSSession
    }
    }
    Copy
    Test-PendingReboot.ps1
    You can now execute it like this:

    PS51> .\Test-PendingReboot.ps1 -Server SRV1,SRV2,SRV3,etc

    Summary
    You should now have a quick way to test pending reboot across Windows servers. You can see that by using PowerShell, you can consolidate down many tedious steps into one script. This script allows you to quickly test for a pending reboot across many servers at once.

    If you know of any other indications to check for a pending reboot, please let me know.

    • Mohd Aamir
      0
      2020-05-29T18:43:16+05:30
      Reply

      Hi Deepak ,I will check but run command to get information reboot key but no reboot is available.

      • Deepak Rai
        0
        2020-05-31T17:13:32+05:30
        Reply

        So you mean to say the key itself is missing from all those places in my previous answer?

        • Aamir ansari
          0
          2020-06-02T13:27:39+05:30
          Reply

          yes , issue has been fixed for below steps .

          net stop wuauserv
          net stop cryptSvc
          net stop bits
          net stop msiserver
          delete C:\Windows\SoftwareDistribution.
          Ren C:\Windows\System32\catroot2 Catroot2.old
          net start wuauserv
          net start cryptSvc
          net start bits
          net start msiserver

  8. Harjit Dhaliwal
    1
    2020-05-29T03:33:59+05:30
    Reply

    Have you tried uninstalling that patch, and then attempt to update against Microsoft instead of your ConfigMgr/SUP?

    • Mohd Aamir
      0
      2020-05-29T18:47:09+05:30
      Reply

      Yes uninstall such patch and try to install but some 5 munites showing it is installed .user is on VPN so only one way for taking remote from software center so I can not stopped smsagent service.let me found out any other for taking remote

      Best answer

Leave an answer

Sorry, you do not have permission to answer to this question .