Show message to logged-on user before reboot

Hi, I need a script which checks if a machine requires a reboot and, if a reboot is required, reboots the machine; but if any user is logged on, it shows them a message, and when the user clicks on the message it reboots the machine.

# Load WPF so [System.Windows.MessageBox] and its enums are available
Add-Type -AssemblyName PresentationCore,PresentationFramework
$ButtonType = [System.Windows.MessageBoxButton]::OK
$MessageIcon = [System.Windows.MessageBoxImage]::Warning
$MessageBody = "Update applied to your machine, reboot is required?"
$MessageTitle = "Confirm Reboot"

# 'query user' lists the logged-on users
$user = query user

if ($user) {
    # WPF MessageBox (matches the enum types above); it is displayed in the
    # session this script itself runs in
    $Result = [System.Windows.MessageBox]::Show($MessageBody, $MessageTitle, $ButtonType, $MessageIcon)
}

shutdown -r -f -t 0

It's showing the message to any account, including SYSTEM.

Are these Windows patches? How are the patches being deployed? Patches are deployed as SYSTEM and scripts with GUIs are executed as a USER. Provide details about exactly what you are doing; there are usually pre-built or vendor solutions to this issue, as it’s a common ask.

Patches are stored locally on a machine and are being applied with wusa.exe Patch /quiet /norestart /log:logfile (as the SYSTEM account) through a PowerShell script during a Windows 10 1809 upgrade.

We need to make sure that if any user is logged on, we can show them a message before forcing a reboot.

Once the patch is applied, if no user is logged on then reboot the machine, but if a user is logged on then show the message and then reboot the machine.

I tried the following, but again it’s not picking up active users. I need to make sure that if users are logged in through RDP or console, it shows them a message before reboot.

function Test-PendingReboot
{
    # Registry markers left by CBS, Windows Update and pending file renames
    if (Get-ChildItem "HKLM:\Software\Microsoft\Windows\CurrentVersion\Component Based Servicing\RebootPending" -EA Ignore) { return $true }
    if (Get-Item "HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired" -EA Ignore) { return $true }
    if (Get-ItemProperty "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager" -Name PendingFileRenameOperations -EA Ignore) { return $true }

    # Ask the SCCM client, if it is installed; any error is ignored
    try {
        $util = [wmiclass]"\\.\root\ccm\clientsdk:CCM_ClientUtilities"
        $status = $util.DetermineIfRebootPending()
        if (($null -ne $status) -and $status.RebootPending)
        {
            return $true
        }
    }
    catch { }
    return $false
}

if (Test-PendingReboot)
{
    # Load WPF so [System.Windows.MessageBox] and its enums are available
    Add-Type -AssemblyName PresentationCore,PresentationFramework
    $ButtonType = [System.Windows.MessageBoxButton]::OK
    $MessageIcon = [System.Windows.MessageBoxImage]::Warning
    $MessageBody = "Please click on OK to reboot machine?"
    $MessageTitle = "Confirm Reboot"

    # Keep only the 'query session' lines that mention the console session
    $activeUser = query session | where {$_ -match 'console'}
    if ($activeUser)
    {
        # WPF MessageBox (matches the enum types above); it is displayed in the
        # session this script itself runs in
        $Result = [System.Windows.MessageBox]::Show($MessageBody, $MessageTitle, $ButtonType, $MessageIcon)
    }

    shutdown -r -f -t 0
}

The script will be running as SYSTEM, but I need to make sure it shows the message to the current active user.

This indicates you are manually patching machines…

This indicates you have SCCM…

Why are the upgrades not being managed from SCCM?

When you upgrade the machine from 1809 to 1909 the search bar is not working and the patch we are applying is not approved within our Org.

I’m using SCCM to apply the upgrade, but the patch is being applied through a batch file using wusa.exe.
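
One way to get the behaviour asked for in this thread, as an added example that is not from any of the posts: parse `quser` to find Active console and RDP sessions, then use `msg.exe` to show the prompt inside each of those sessions before rebooting. It covers only the notify step; the function names, message text and sample output are constructed, and it assumes English `quser` output and that `quser.exe` and `msg.exe` are present on the machine.

```powershell
# Added example, not code from the thread. Function names and message text are
# illustrative. Assumes English quser output and a 64-bit host running as SYSTEM.

function ConvertFrom-QUser {
    # Turn quser text into objects. Disconnected sessions have a blank SESSIONNAME
    # column, so that column is optional. The header row has no numeric ID and
    # therefore never matches.
    param([string[]]$Line)
    $pattern = '^\s*>?(?<User>\S+)\s+(?:(?<Session>\S+)\s+)?(?<Id>\d+)\s+(?<State>\S+)'
    foreach ($l in $Line) {
        if ($l -match $pattern) {
            [pscustomobject]@{
                User    = $Matches.User
                Session = $Matches.Session      # $null when disconnected
                Id      = [int]$Matches.Id
                State   = $Matches.State
            }
        }
    }
}

function Invoke-NotifiedReboot {
    param([int]$WaitSeconds = 300, [switch]$DryRun)
    $raw = @(quser.exe 2>$null)     # no stdout lines when nobody is logged on
    $active = @(ConvertFrom-QUser $raw | Where-Object State -eq 'Active')
    foreach ($s in $active) {
        # msg.exe addresses a session by ID, so it reaches console and RDP users
        # from session 0. /W blocks until OK is clicked or /TIME runs out.
        if ($DryRun) { "would notify $($s.User) in session $($s.Id)" }
        else { msg.exe $s.Id "/TIME:$WaitSeconds" /W 'Updates were installed. This PC restarts when you click OK.' }
    }
    if ($DryRun) { 'would reboot' } else { shutdown.exe /r /f /t 0 }
}

# Constructed sample of quser output, used to check the parser offline.
$sample = @(
    ' USERNAME   SESSIONNAME   ID  STATE   IDLE TIME  LOGON TIME'
    '>alice      console        1  Active       none  1/6/2020 8:01 AM'
    ' bob                       2  Disc         1:12  1/6/2020 7:45 AM'
    ' carol      rdp-tcp#3      3  Active          .  1/6/2020 9:30 AM'
)
ConvertFrom-QUser $sample | Format-Table -AutoSize

Invoke-NotifiedReboot -DryRun       # drop -DryRun to notify and reboot for real
```

With several active sessions the prompts are shown one after another, so the worst-case delay before the reboot is the number of active sessions times `$WaitSeconds`.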