Windows - Maintenance - Maintenance Window Reboots

Hi Cbranum,

If you have a green checkmark next to your policy name, in general it indicates the endpoint is compliant (in this case, no reboot needed) and the Remediation code will not run.

The Remediation code will run under one of two conditions: The endpoint is not compliant (clock icon next to the policy name on the device, automated run, as scheduled) or if you force it to run (Run On This Device Now).

You can manipulate this behavior. If you want the Remediation code to run as scheduled every time regardless of compliance then you can put ‘exit 1’ in the Evaluation code. This makes the console think the endpoint is not compliant (even though it might be, we just dont care in this case) and the Remediation code will then run.

It is important to scan your device after assigning a new Worklet policy to it (or group of devices). This happens automatically based on the group scan interval, but I prefer to kick a scan off manually to just get it out of the way, no waiting.

I imagine we could revise the Evaluation code of the Worklet in this case. Looking at the exact notes, there actually isn’t even a condition being checked in the Evaluation code to see if a reboot is pending. It just sets up a potential time window to execute the Remediation code. (Am I (the eval code) running on a certain day at a certain time? If yes, queue up the Remediation code.) If my understanding is accurate its not the best approach we could offer since we couldn’t ensure a scan automatically runs within the parameters of the Evaluation code, and also the Remediation code has to be scheduled for execution which would also fall out of the ‘window’ desired or specified in the Evaluation code.

I think it would make sense to put most of the ‘checks’ found in the Remediation code into the Evaluation code. I’ll ask Anthony on monday to see if I need clarity on my understanding of if we can update how this is functioning.