Before beginning, ensure the following:
Automatic Updates from Microsoft are set to download only, not install automatically.
The Passive server has a Management IP configured which can access Internet and the DNS port (53) is open through the Neverfail Packet Filter.
β
To verify, open a browser on the Passive server and confirm access to https://www.microsoft.com.
Log into the Passive server (typically the Secondary, but verify in your environment).
Open Windows Update and allow it to check for available updates.
Download and install the required patches or hotfixes.
If prompted, reboot the server to complete installation.
After reboot, verify that all updates were successfully installed.
Re-check for updates. If additional ones are found, repeat steps 3β5.
Launch the Neverfail Advanced Management Client and ensure synchronization between both servers is healthy.
Use the "Make Active" button in the Neverfail Advanced Client to switch roles.
β οΈ Users may experience a brief interruption during the switchover.
On the now Passive server, repeat steps 2β6 to apply the updates.
If desired, perform a second switchover to return the servers to their original Active/Passive roles.
Once both servers have been successfully updated and are synchronized, your Neverfail environment is fully patched with minimal disruption to end users.