?
Solved

Question about WSUS updates not using GPO

Posted on 2014-10-06
1
Medium Priority
?
178 Views
Last Modified: 2014-10-20
I am seeing that computers that I have not assigned a GPO to, download and install updates on weekends nevertheless.

I have a computer group called Domain Controllers and Critical Servers, that seem to have updated this weekend, based on the install timestamp, despite not having any GPO assigned to them for scheduling. Therefore, I have configured a GPO and attached it to the Domain Controllers OU and disabled "Enable client-side targeting", "Specify internet Microsoft update service location" and "Configure Automatic Updates", so that no action will be taken with servers residing in the Domain Controllers OU.

Is this the way to go when attempting to prevent these machines from getting updated?

When I want them to be updated in a staggered fashion, I simply move a single DC to a server group that I know has a configured GPO assigned to it.

As it is now, any computers assigned to a Computer Group, despite not having an GPO applied to them, update nevertheless by default.

Is this correct?
0
Comment
Question by:nurturer69
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
1 Comment
 
LVL 35

Accepted Solution

by:
Seth Simmons earned 2000 total points
ID: 40363807
i would leave those 2 settings (client-side targeting; intranet location) as not configured and only configure the option to only "download and notify for install"
that way it won't automatically install and reboot
0

Featured Post

Get real performance insights from real users

Key features:
- Total Pages Views and Load times
- Top Pages Viewed and Load Times
- Real Time Site Page Build Performance
- Users’ Browser and Platform Performance
- Geographic User Breakdown
- And more

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

OfficeMate Freezes on login or does not load after login credentials are input.
After seeing many questions for JRNL_WRAP_ERROR for replication failure, I thought it would be useful to write this article.
This tutorial will walk an individual through the process of configuring basic necessities in order to use the 2010 version of Data Protection Manager. These include storage, agents, and protection jobs. Launch Data Protection Manager from the deskt…
This tutorial will walk an individual through the process of installing of Data Protection Manager on a server running Windows Server 2012 R2, including the prerequisites. Microsoft .Net 3.5 is required. To install this feature, go to Server Manager…
Suggested Courses

777 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question