(imported topic written by RichB91)
On our Windows servers, it is our practice to perform a reboot prior to patching, in addition to the reboot after patching. This policy is beyond my control.
On some of our Windows servers, one or more settings need to be changed prior to a reboot to make sure the server will be in an “off-line mode†after the first reboot. Those settings, obviously, need to be restored prior to the second reboot so the server will be in an “on-line mode†after the second reboot.
On some of our order processing servers, we also need to tell an application to stop accepting new connections, but wait to finish processing existing connections before shutting down.
Example of the current manual process:
- Set the Registry entry for the application’s maximum number of new connections
MaxNewConnections
to 0. This will allow existing orders to continuing processing prevent new orders from being initiated.
-
Wait an unknown amount of time (seconds to tens of minutes) for in-flight orders to be completed. Once {exists running application “myprogram.exe”} = False then it is safe to proceed.
-
Set the Start-Up Type of two services to Manual
-
Reboot #1
-
Double check that the application is in “off-line mode†by verifying that the Start-Up Type of two services are set to Manual and that {exists running application “myprogram.exe”} = False
-
Apply patches
-
Set the Registry entry for the application’s maximum number of new connections to 25
-
Set the Start-Up Type of two services to Automatic
-
Reboot #2
-
Double check that application is in “on-line mode†by verifying that Start-Up Type of two services are set to Automatic and that {exists running application “myprogram.exe”} = True
Short of exploring the RunBook Automation add-on via BigFix Professional Services, anyone have any recommendations on how to approach automating this set of procedures?