During monthly windows patching, AA component servers are not rebooted in any particular order and we have observed errors and end users are not able to login through application. We eventually have to restart services to fix the issue. 

We would like to know if there is any particular order in which servers should be rebooted to avoid such issues in the future.

Release : 9.x

Component : AuthMinder(Arcot WebFort) Strong Authentication

RiskMinder(Arcot RiskFort) Risk Authentication

AFM component is dependent upon the Strong Authentication and Risk Authentication service so these services should be started first and then the arcotafm application deployed in the application server.

The services need to be started in this order.

1. Stop the AuthMinder and RiskMinder services.
2. Stop the Application server for Admin and UDS.
3. Stop the application server where AFM/StateManager application is deployed.
4. Do the patching on above boxes.
5. Start the AuthMinder and RiskMinder services.
6. Start the Application server for Admin and UDS.
7. Start the Application server where AFM application is deployed.

Please verify the services are started fine by looking at the logs in ARCOT_HOME/logs directory and verify that the services are started fine. One need to verify the arcotwebfortstartup.log and arcotriskfortstartup.log file to see services came up fine and you can look for work "READY" to verify.