none
Automatic Updates Disabled RRS feed

  • Question

  • Hi Everyone,

    I have a bizzare question.  We setup our SCCM 2007 server in January 2008 and when we set it up, we installed the Software Update Point.  Since then, we have not been using the Software Update Point to push out windows updates, it has been one of those things where we "will get to it" eventually.

    Instead, we configured all our computers to continue to use automatic updates.

    Earlier this week, I noticed that a lot of my computers were not updating through Automatic Updates.  They were out of date going way back to April.

    After a lot of pulling out my hair, I finally stumbled upon this KB article:http://support.microsoft.com/kb/328010

    It states:

    Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU

    Value name: UseWUServer
    Value data: Set this value to 1 to configure Automatic Updates to use a server that is running Software Update Services instead of Windows Update.

    If I have a SCCM 2007 server in my network running a software update point, and the keys on all the computers running the clients are set to 1, they will not reach up to Microsoft for updates, rather they are going to our SCCM Server to get Windows Updates?

    Forgive me if this is a simple question which requires a simple answer, but I'm just looking for someone to confirm my thoughts.

    Thanks in advance,

    Sean

    Wednesday, January 28, 2009 5:18 PM

Answers

  • You are right. The config mgr. client will receive the wsus settings from the Management Point and configure them automatically to point to the SCCM SUP. As long as you don't have any GPO's that point to another WSUS server.
    Kent Agerlund
    Wednesday, January 28, 2009 6:08 PM
    Moderator
  •  If you dont want Config Mgr to handle patches you should disbale the Software Updates Agent in your Configuration Manager environment, and configure your setting for updating through GPO or manually.
    Saturday, January 31, 2009 10:55 PM
    Moderator

All replies

  • You are right. The config mgr. client will receive the wsus settings from the Management Point and configure them automatically to point to the SCCM SUP. As long as you don't have any GPO's that point to another WSUS server.
    Kent Agerlund
    Wednesday, January 28, 2009 6:08 PM
    Moderator
  •  If you dont want Config Mgr to handle patches you should disbale the Software Updates Agent in your Configuration Manager environment, and configure your setting for updating through GPO or manually.
    Saturday, January 31, 2009 10:55 PM
    Moderator
  • Besides removing the SUP you "could' (not supported I am sure) make a GPO to send the computers to Microsoft for Windows Updates until you get the SUP up and running. I have not done this but logically it makes sense that it would work since a domain GPO would over ride the local GPO that the SCCM client creates pointing to the SUP for updates.
    John Marcum, Systems Management Architect - www.TrueSec.com
    Sunday, February 1, 2009 2:00 AM
    Moderator