Windows Server TechCenter >
Windows Server Forums
>
Group Policy
>
how to enable "Microsoft Update" using a GPO ?
how to enable "Microsoft Update" using a GPO ?
- Hi,
I would like to create a GPO that enable "Microsoft Update" (not Windows Update). So far, the only way I know is to go through the web site. It's quite painfull.
I know using WSUS server who solve my concern but I would like to find a solution without it.
Regards.
Sylvain
Answers
- Hi
Please try to deploy the following script in computer startup script to enable Microsoft Update.
Opt-In to Microsoft Update
http://msdn.microsoft.com/en-us/library/aa826676(VS.85).aspx
Assign computer startup scripts
http://technet.microsoft.com/en-us/library/cc779329(WS.10).aspx
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights.- Marked As Answer byssbtmp Monday, July 06, 2009 6:56 AM
All Replies
- Hi Sylvain
Please see below mentioned link.
http://technet.microsoft.com/en-us/library/cc720539(WS.10).aspx
Hopes this help!
Deva
Tomorrow's life is too late. Live today. - Hi,
Thank you for posting here.
According to your description, I understand that you would like to enable Microsoft Update via GPO without WSUS. If I have misunderstood the problem, please don't hesitate to let me know.
Please deploy the latest Windows Update Agent via GPO.
Information for network administrators about how to obtain the latest Windows Update Agent
<http://support.microsoft.com/default.aspx?scid=kb;EN-US;946928>
After that, Automatic Updates would check critical updates for Windows, Office and other Microsoft software, i.e. all critical updates of Microsoft Update. Please note, Non-critical updates are not checked by Automatic Updates.
You can also further configure Automatic Update:
How to configure automatic updates by using Group Policy or registry settings
http://support.microsoft.com/kb/328010
Thanks
This posting is provided "AS IS" with no warranties, and confers no rights. - Hi Mervin,
You well understood my concern. But your proposal does not seem to enable "Microsoft Update". Probably I am doing something wrong.
As a trial, I downloaded and manually installed the Windows Update Agent using the link you provided above. I was expecting to see a new checkbox in Windows Update control panel named "use Microsoft Update" but nothing has been added (I tried to reboot and force update without any success).
Do I miss an additionnal step ?
Regards.
Sylvain - Hi Sylvain,
Thank you for update.
As far as I know, we don’t need to do anything more to enable "Microsoft Update". The latest Windows Update Agent will always check Microsoft Update. If you have Office installed, check if Office updates were listed in Automatic Update.
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights. - Hi Sylvain
As i Understand your issue, You don't want to use WSUS to patch desktops. You want to use Microsoft update option.
we can configure the machines to obtain patches from Internet. however we need to keep few things in mind:
1) Desktops users can download patches directly.
2) patches will get installed without testing & checking the compatiability.
3) This will use more bandwith as all users will be downloading the patches from MS update site
All windows XP SP2 desktops has WUA agent installed. we can control this option by creating a group policy, import Windows\inf\Wuau.adm to GPO editor & configure the policies according to your requirements. As a WSUS server insert name for Microsoft update service.
Another option that i can think of is to create a VB script for this & run as schedule task but it might ask for confirmtaion to install patches.
We have many options available to deploy patches once you download & test them manually.
Pls let me know if you have any requirement for deploying the patches directly or after testing ?
Thanks Mervin,
From a clean install, it is not enough. I still have to manually go on the Microsoft Update Web site to enable the "Microsoft Update".
Nitesh,
I agree with the drawbacks but in this case my goal is to quickly build test lab. So it's not relevant here. I want to be able to quickly deploy a few virtual servers and then install all latest available updates (include the "Microsoft Update" ones). My server deployment is almost automatic (using SYSPREP, GPO, etc.) but still I have this manual step to enable Microsoft Update that I would like to resolve. In this case of small test environment, installing WSUS server is not the fastest solution.
So any solution based on GPO or any script is very welcome. I don't have any requirement to test the patches before deploying them.
Regards.
Sylvain- Hi
Please try to deploy the following script in computer startup script to enable Microsoft Update.
Opt-In to Microsoft Update
http://msdn.microsoft.com/en-us/library/aa826676(VS.85).aspx
Assign computer startup scripts
http://technet.microsoft.com/en-us/library/cc779329(WS.10).aspx
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights.- Marked As Answer byssbtmp Monday, July 06, 2009 6:56 AM
- Hi Mervin,
Thanks a lot for the link. The script does exactly what I was looking for.
Regards.
Sylvain - Hi,
Glad to hear the information is helpful. If you have other questions in the future, you’re welcomed to our forum.
Thanks.
This posting is provided "AS IS" with no warranties, and confers no rights.
