locked
Change windows update settings through SCCM client settings? RRS feed

  • Question

  • Hi Team, Is it possible to deploy the default client setting after SCCM client push finished, to all systems or a collection , to change the default windows automatical update setting?  e.g. in control pannel, the automatic update is off, in services.msc , the windows update is also disabled. After I deploy the customised and default client setting from sccm 2012, change the " enable software update on client"  to  "yes". will it change the "automatic update " and "windows update" on the client PC to "on" and "enabled"? will it cause the PC to download windows update automatically ? or any other way from SCCM can change the windows update status on PC? Thanks

    Thanks and best regards, -- KF

    Wednesday, January 15, 2014 9:21 AM

Answers

  • When the client is installed SCCM takes over the handling of Windows Updates. It will manage the service as well. 

    Updates will not download automatically unless you have set up a Software Update Groups deployment to the collection the device is in - or if you have a domain policy somewhere that points the devices to an alternative source for download e.g. another WSUS in the organisation or direct with Windows Update.

    If you stop the Windows Update service SCCM will control this and start it again.


    Cheers

    Paul | sccmentor.wordpress.com

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 10:18 AM
  • Hi,

    You should actually set the "Turn off automatic Updates" gpo as well, to make sure that the client never uses Windows update. Jason describes it here:http://blogs.catapultsystems.com/jsandys/archive/2010/05/28/software-updates-management-and-group-policy-for-configmgr-cont-.aspx

    Regards,

    Jörgen

     


    -- My System Center blog ccmexec.com -- Twitter @ccmexec

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 2:01 PM
  • From your description I understand that you're just trying to enable automatic updates and change the startup type of windows update service to automatic from disabled. If that is what you required, you can use Configuration baselines do achieve that right after the clients successfully communicates to MP.

    Kindly mark as answer/Vote as helpful if a reply from anybody helped you in this forum. Delphin

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 2:41 PM

All replies

  • When the client is installed SCCM takes over the handling of Windows Updates. It will manage the service as well. 

    Updates will not download automatically unless you have set up a Software Update Groups deployment to the collection the device is in - or if you have a domain policy somewhere that points the devices to an alternative source for download e.g. another WSUS in the organisation or direct with Windows Update.

    If you stop the Windows Update service SCCM will control this and start it again.


    Cheers

    Paul | sccmentor.wordpress.com

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 10:18 AM
  • Hi,

    You should actually set the "Turn off automatic Updates" gpo as well, to make sure that the client never uses Windows update. Jason describes it here:http://blogs.catapultsystems.com/jsandys/archive/2010/05/28/software-updates-management-and-group-policy-for-configmgr-cont-.aspx

    Regards,

    Jörgen

     


    -- My System Center blog ccmexec.com -- Twitter @ccmexec

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 2:01 PM
  • From your description I understand that you're just trying to enable automatic updates and change the startup type of windows update service to automatic from disabled. If that is what you required, you can use Configuration baselines do achieve that right after the clients successfully communicates to MP.

    Kindly mark as answer/Vote as helpful if a reply from anybody helped you in this forum. Delphin

    • Marked as answer by kongfupanda Friday, January 17, 2014 3:45 PM
    Wednesday, January 15, 2014 2:41 PM
  • We are currently deploying SCCM across our organization. Currently we are only handling server updates via SCCM. We want to wait until we have DPs deployed to each remote location before we start managing workstation updates via SCCM. However, the client has been pushed to workstations and now they are getting local policies preventing them from receiving updates via Microsoft. How can I temporarily disable this policy? Under Client Settings>Software Updates should I disable "enable software updates on clients"? I'm not sure what other impact that will have.
    Tuesday, April 10, 2018 7:12 PM