1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

SUS Windows updates & group policy

Discussion in 'Windows & Other Software' started by Spider, 10 Mar 2006.

  1. Spider

    Hitman

    Joined: 28 Nov 2002

    Posts: 766

    Location: Down the road

    We’re running a SUS update service on our Win2k3 server to distribute windows updates and security fixes to all clients. The settings are applied via group policy and the system works in as far as it does download approved updates and installs them at a specified time.
    However, it doesn’t do this transparently – I don’t want any user intervention, I’d like it to download & install all approved updates without anything on screen (currently it pops up with a five minute timer allowing the user to approve or cancel the install) or any facility for the user to cancel the updates.

    Is there any way I can force "silent" updates so all machines are patched 100% transparent to, and independent of, the user?

    Thanks
     
  2. Crazy Squirrel

    Gangster

    Joined: 18 Oct 2002

    Posts: 231

    We have the following Group Policy settings for SUS:

    Configure Automatic Updates
    *Enabled
    *4 - Auto download and schedule the install
    *Every Day
    *10:00

    Sepcify intranet microsoft update services location
    *Enabled
    *http://jupiter
    *http://jupiter

    No auto-restart for scheduled Automatic Update Installtions
    *Enabled

    Only user interaction is on updates that require a restart a restart box pops up after install (no timer). The no button is greyed out to users but the window can be moved out of the way until convienient, bit of a pain it is on top though.