Windows - Maintenance - Maintenance Window Reboots

What the maintenance window reboot scheduler does

This Automox Worklet™ manages endpoint reboots within defined maintenance windows on Windows endpoints and servers. The Worklet detects conditions that require a restart, including pending Windows Updates, application installations, domain joins, and endpoint renames. It then creates or updates a scheduled task to restart the endpoint during your configured maintenance window.

By default, the Worklet checks for reboot conditions and schedules restarts between 1 AM and 4 AM in the endpoint's local timezone. You can customize the maintenance window time range and override the timezone to align with your organization's requirements. The Worklet supports both 12-hour and 24-hour time format specifications.

The Worklet detects conditions that require a restart, including pending Windows Updates, application installations, domain joins, and endpoint renames, then creates or updates a scheduled task to restart during your configured maintenance window.

The scheduled task runs with system-level privileges and includes automatic restart logic if the initial restart attempt fails. This ensures that necessary reboots complete even if network issues or temporary service failures occur.

Why schedule maintenance window reboots

Uncontrolled endpoint reboots create unpredictable downtime that disrupts user productivity and business operations. By consolidating reboots into scheduled maintenance windows, you verify that system restarts happen during designated off-hours when user impact is minimal. This approach is critical for compliance-heavy environments where you must document and control system changes.

Many organizations have service level agreements that require change notifications or specific maintenance windows. Automating reboot scheduling within those windows ensures your endpoints remain current with security patches and Windows Updates while respecting operational constraints. You also reduce help desk tickets from users encountering unexpected restarts during business hours.

The Worklet addresses a common IT operations challenge: balancing the need for timely security updates against the need for predictable endpoint availability. By automatically detecting reboot requirements and scheduling remediation within your maintenance window, you achieve both security compliance and operational stability.

How maintenance window reboot scheduling works

1. Evaluation phase: The Worklet first evaluates whether a scheduled task named "ScheduledRestart" exists and is properly configured within your maintenance window. If the task exists and is active with a trigger time within your configured restart window, the evaluation passes and no remediation is required. If the task is missing, inactive, or scheduled outside your maintenance window, the Worklet flags remediation as needed.

2. Remediation phase: During remediation, the Worklet checks multiple registry locations for conditions requiring a restart, including pending Windows Updates, application installations tracked in PendingFileRenameOperations, domain join status, and endpoint rename indicators. If any reboot condition is detected or if you enable the forced reboot setting, the Worklet creates a new scheduled task or updates the existing task with a restart command scheduled for the next available maintenance window. The task includes retry logic that attempts to restart up to three times if the initial restart fails, using a ten-minute interval between retry attempts.

Maintenance window reboot configuration requirements

• Windows endpoints or servers (Windows 10, Windows 11, Windows Server 2016 or later)

• System-level privileges required to create and manage scheduled tasks

• PowerShell version 5.1 or later for script execution

• Administrative access to the Windows Task Scheduler

• Optional: Timezone customization by specifying a Windows timezone ID (for example, Eastern Standard Time, Pacific Standard Time, or any recognized Windows timezone)

• Optional: Restart window customization using either 12-hour format with AM/PM designation (1:00AM-4:00AM) or 24-hour format (01:00-04:00)

• Optional: Forced reboot mode by setting the $rebootForce variable to $true to reboot during the maintenance window regardless of whether a reboot is required

Expected maintenance window reboot behavior

After the Worklet runs successfully, endpoints will have a scheduled task named "ScheduledRestart" configured to restart during your specified maintenance window. You can verify this task in Windows Task Scheduler under the root folder. The task will execute at the scheduled time and the endpoint will restart using the shutdown.exe command with the restart parameter.

If reboot conditions are detected, the Worklet displays which conditions triggered the remediation (for example, "Pending Windows Updates" or "An installed or updated application requires a reboot to complete"). The endpoint restarts at the next available scheduled time within your maintenance window. If the restart fails for any reason, the operating system automatically retries the restart three times at ten-minute intervals. Once the endpoint restarts, pending updates and installations complete, and any domain join or endpoint rename operations finish their configuration.