Getting those users to reboot

The problem:  You have a bunch of workstations in your environment that are pending restart (see my post "Reboot Pending configuration item and baseline" for info on determining that they are pending restart).  Because these workstations are pending restart they are not receiving updates, or anything else that uses Windows Installer for that matter, and so they don't get notified by the update engine that they are pending restart.  The users, completely oblivious, go on about their business never restarting their machines and you cannot manage them.  This is most common on laptops where they just close the lid (sleep/hibernate) and never actually turn it off.

Compounding this problem, if you were to just send reboots at the machines on any given day, the users will start ringing the help desk that something is amiss.  Even if you send them a countdown with a nice message that it is your company's IT that needs the computer restarted and give them a good long time to choose to restart it themselves they will still ring the help desk saying things like "I think its a virus".

The solution: Ok, this is really clever if I do say so myself.  Here's how to solve this, step-by-step, without causing a bunch of calls to the help desk.

1. Create a package (packaged program model) that contains no source files.  I called mine "Reboot Machine - User Interactive" because I also have one that reboots machines with no user interaction and no real warning but that's an item for another post.
   
2. Create a program for that package with the following settings:
   
   
   Command = ping 127.0.01
   
   Run = Hidden
   
   After Running = Configuration Manager restarts computer
   
   Program can run = Whether or not a user is logged on
   
   
3. Ensure that your client settings for Computer Restart are set to a nice long time, mine is set to 28 hours and the dialog box which they cannot close is set to a nice long time, mine is set to 4 hours.  This is the "nag screen"... they have 24 hours until they get a nag screen they cannot close and 4 hours after that restart is forced.
   
4. Make a collection that contains members of your workstation software updates deployment collection (workstations only!!! don't send this at your servers or other machines that shouldn't be rebooted) that are also pending restart.  Be sure both of those criteria are true for this collection... getting this collection wrong may result in unexpected termination of employment. So, get it right... members of your workstation software updates deployment collection that are also pending restart.
   
5. Deploy the program from step 2 to your new collection from step 4 with the following timing.  Getting the timing wrong will end up in calls to the help desk as mentioned in the problem description.
   
   
   Become Available = At least 4 hours before but I suggest many days ahead.  The further in advance this is the better your results will be.
   
   Expire = A good long time after your mandatory time.  I suggest about a month.  Soapbox: always set expiration on every deployment as it is the only way to know the deployment is no longer necessary.  For things that need to be around a long time, like Microsoft Office, set the expiry to 10 years out but still set something in the field so that you can sort on expiry and see what can be deleted.
   
   Assignment = A couple hours after your software updates for the month become assigned (mandatory/enforced)

The beauty of this is that it is SCCM's restart enforcement doing the work.  Your users are used to seeing those particular enforcement dialogues so they don't cause as many help desk calls.  When you assign this to happen just after (within a couple hours) the windows updates for the month then you have computers all over your environment enforcing updates with the same dialogues and so the users don't think this is any different.  You've managed their expectations... they expect to restart at this time and they expect that restart to look exactly like this.  So, they get restarted and you get much better results on your software updates.  Okay, so you don't get those better results this month, but next month you will and so long as you keep firing this at them every month your results will stay quite high.