how to prevetn sysprep to turn automatic update back on

Posted on 2012-03-28
Last Modified: 2012-03-29
we don't want our windows 7 laptops to have automatic updates on. We set them oof on all our masters but we we have sysprep running after making mass numbers of clones. It turns automatic updates back onand we don't want. I tried some registry settigns but that did notwork.
So please let me know if you have experienced with this problem and have the answer.
All laptops are windwos 7
Question by:wajhiuddin
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 42

Expert Comment

ID: 37780309
If your laptops are domain members, a much better solution is to use group policies to set your Automatic Updates options.

Curious, how do you patch your systems and prevent them from getting attacked from web site drive-by attacks, malicious email, spear phishing, etc.?
LVL 29

Expert Comment

by:Michael Pfister
ID: 37781142
If you run sysprep with an unattend.xml file you can add your own commands in the specialize section under amd64_Microsoft-Windows-Deployment_6.1.7600.16385_neutral.


sc config wuauserv start= disabled

would disable the Windows Update service.

But I agree with kevinhsieh, better patch them!

Author Comment

ID: 37781634
clients are getting windows patches buy Symatntec End point, and CMS, can't  disable windows updates services becasue syamtec won't able to deliver patches , just don't want AU enable becasue while machines getting  customizations  windows updates get started whcih slows down the process.
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

LVL 29

Expert Comment

by:Michael Pfister
ID: 37781703
Ok, that wasn't clear from your original post.
Then either use GPO to disable Windows Updates or add the following registy key:


you might be able to run

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /d 1 /t REG_DWORD /f

as a command in your unattend.xml

Author Comment

ID: 37781731
I don't see the option in local GPO to disabel AU in windows 7, is it availabe where?
I am talking about local group policy instead of domain, clients won't get domain policy untill they get customized,

Author Comment

ID: 37781856
: mpfister thanks it works I also need to add following retkeys please
can you please send me the command as you did for
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v NoAutoUpdate /d 1 /t REG_DWORD /f

LVL 29

Expert Comment

by:Michael Pfister
ID: 37781893
reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v IncludeRecommendedUpdates /d 0 /t REG_DWORD /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v ElevateNonAdmins  /d 0 /t REG_DWORD /f

LVL 29

Accepted Solution

Michael Pfister earned 500 total points
ID: 37781901
Post above looks strange, this is better:

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU" /v IncludeRecommendedUpdates /d 0 /t REG_DWORD /f

reg add "HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate" /v ElevateNonAdmins  /d 0 /t REG_DWORD /f

Open in new window


Author Closing Comment

ID: 37782018
mpfister ,
U R the man

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Lync meeting or Lync conferencing is what many organizations would like to deploy to allow them save money. But companies are now giving up for various reasons, one of which is that they cannot join external meetings (non-federated company meetings)…
Citrix XenApp, Internet Explorer 11 set to Enterprise Mode and using central hosted sites.xml file.
Viewers will learn the different options available in the Backstage view in Excel 2013.
With the advent of Windows 10, Microsoft is pushing a Get Windows 10 icon into the notification area (system tray) of qualifying computers. There are many reasons for wanting to remove this icon. This two-part Experts Exchange video Micro Tutorial s…
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question