none
Looking for assistance with GPO to prevent peer-to-peer MS Updates. RRS feed

  • Question

  • I know very little about GPO. We have a Server Unit which should maintain this.

    During MDT imaging, I can turn off peer-to-peer and also disable driver updates during MS Updates.
    We also have an OU which is the ONLY OU to allow MS Updates. All of the others prevent Updates.

    However, while in an OU which prevents MS Update, clients still get updates via peer-to-peer. These are computers
    that were deployed prior to me fixing this through MDT.

    What I'm hoping to find is a GPO template setting to prevent peer-to-peer updates, regardless of the OU.
    So far, our Server Unit is preventing updates from MS itself. They are not addressing the peer-to-peer issue.

    Unless I tell them specifically where to make a change...and what to change, nothing will get changed.

    Has anyone modified the peer-to-peer option to prevent updates from happening from pc to pc?
    Thanks!

    Tuesday, December 11, 2018 4:32 PM

Answers

  • It's taken lots of research to do a reg. change to toggle off the peer-to-peer updates.

    Yet again AD snoozes through on finding settings. The TS Command I have is:

    reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v DODownloadMode /t REG_DWORD /d 0 /f

    I also have one to prevent driver updates during MS Updates:

    reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate" /v ExcludeWUDriversInQualityUpdate  /t REG_DWORD /d 1 /f

    • Marked as answer by the1rickster Saturday, January 5, 2019 8:58 PM
    Saturday, January 5, 2019 8:58 PM

All replies

  • looks like you will need to do with with an admin template

    https://answers.microsoft.com/en-us/windows/forum/windows_10-update/disable-windows-update-delivery-optimization/30f16447-2138-4cc6-ab1f-22b7e83b8c8d

    Wednesday, December 12, 2018 12:54 PM
  • I will forward this on to our Server Group. I told them before that it is in the template but they
    continually claim they can't find it. I can fix this during cloning but not for the pc's already out
    in the field.
    Thursday, December 13, 2018 2:09 PM
  • It's taken lots of research to do a reg. change to toggle off the peer-to-peer updates.

    Yet again AD snoozes through on finding settings. The TS Command I have is:

    reg.exe add "HKLM\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization" /v DODownloadMode /t REG_DWORD /d 0 /f

    I also have one to prevent driver updates during MS Updates:

    reg add "HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate" /v ExcludeWUDriversInQualityUpdate  /t REG_DWORD /d 1 /f

    • Marked as answer by the1rickster Saturday, January 5, 2019 8:58 PM
    Saturday, January 5, 2019 8:58 PM