Automatic Windows 10 build updates with reboots only after business hours - how?

For several months now I have been trying to set up automatic Windows updates in the enterprise in a way that does not interfere with users and does not distract me. And if everything worked out with cumulative updates, then assembly updates cannot be automated. There are the following problems:
1. After a new assembly has been installed, the user is prompted to restart the computer, despite the enabled policy "Disable automatic restart for updates during active period". This distracts users and provokes stupid questions addressed to me;
2. If, God forbid, the user agrees with the reboot, then he may be left without a computer for the next half an hour or an hour, and now I will not have questions, but indignation;
3. Evening automatic reboot according to the scheduler does not lead to the application of a new assembly. In order for the assembly to be applied, you need to manually click on the "restart now" button in the "Update and Security" window, or select "Update and Restart" in the start menu.
What has been done:
1. With the help of group policies, users are prohibited from turning off computers;
2. A script is installed on the computers in the scheduler that checks the user's activity in the evening and restarts the computer after half an hour of inactivity. After the reboot, the script turns off the computer.
3. Third party utilities have been tried: downloadinstallpatches.ps1 and shutdownWithUpdates.exe. There was an attempt to apply the installed build 1909 on O / C with build 1809 - both utilities only rebooted the computer, but the build was not applied. Everything turned out only after pressing the start menu "update and restart".
Please help! Maybe there are some tricky group policies or special tricks? Or it can postpone the installation of updates altogether for the evening, but then how will my script know when it is already possible to turn off the computer? After all, working for days is also not a good thing.