SBS2008 How To Force clients PCs to get updates from MS

For various reasons I have removed WSUS and want my client PCs to get their updates  from MS.
I have done the following:

1. Uninstalled WSUS through Programs & Features
2. Modified the local group policy using GPEdit: Computer Configuration - Administrative Templates - Windows Components - Windows Updates - Specify intranet Microsoft update service location and set it to disabled. I also set "Configure Automatic Updates" to Enabled.
3. In the registry I removed the 2 keys that pointed to the WSUS server in HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate

After all that I did a GPUpdate /Force and that succeeded but when I run Windows Update on the server, it is still saying that Updates are managed by the Administrator and not going to Microsoft by default?

What am I missing?

Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

DonNetwork AdministratorCommented:
From command prompt

reg delete HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate /f
SivAuthor Commented:

Command ran OK but when I run Windows Update it still says "You receive updates: Managed by your system administrator"?

Is there anything I need to do with IIS?


Check this link..

else if below registry entry is present then modify it..
Modified  below reg settings : from 1 to 0
IT Pros Agree: AI and Machine Learning Key

We’d all like to think our company’s data is well protected, but when you ask IT professionals they admit the data probably is not as safe as it could be.

David AtkinTechnical DirectorCommented:
Have you removed the server from the Update Services Server Computers Policy?

This will need doing from the domain group policy.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
SivAuthor Commented:
That's it,  the Group Policy hadn't been changed in all of the domain locations:
I went into Administrative Tools >> Group Policy Management.  I then clicked on "Update Services Client Computers Policy", went to the "Settings" tab, expanded

"Policies" > "Administrative Templates" > "Windows Components/Windows Update",

right-clicked the section relating to  "Specify intranet Microsoft update Service location" and then selected "Group Policy Editor" and in that went to

"Computer Configuration" > "Policies" > "Administrative Templates" > "Windows Components" > "Windows Update"

I then made sure the policy "Specify intranet Microsoft update Service location" was "not configured" and "Configure Automatic Updates" was enabled. I repeated that for these as well in "Group Policy Management":

Update Services Common Settings Policy
Update Services Server Computers Policy

I then ran GPUPDATE /Force and after that the server now goes straight to MS and I can't check right now but am pretty certain so will the client PCs.

Thanks a lot,

SivAuthor Commented:
Thanks for helping me spot what I had missed.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.