This update was aimed at organizations using its Windows Server Update Service (WSUS) management product.
WSUS is typically used by large organizations with careful patch management requirements.
We countered this by disabling Windows Update through a registry change: This stopped Windows Update from running automatically if it loses policy.
We have since added this to our New PC batch file that we run on all new PCs.
If you review the IIS logs you may also see that the client IP addresses never attempt to post to the WSUS servers “reportingwebservice”.
Is there a way I can somehow make all the PCs "Check for Updates" so they all get reported on our WSUS server and start receiving updates? We, as professionals, know the acronym, but not everyone who reads the post may know.
Now, wre you saying Windows Update on each workstation forgets the group policy and goes to directly for the Windows Update? Also, this is more of a Server Fault question as it relates directly with Windows Servers.
This computer is currently scheduled to install these updates on ? In my case Config Mgr 2007 had already been uninstalled so we could not revert the setting back to “Create all WSUS reporting events” unless Config Mgr 2007 was reinstalled, however the above settings are exposed via a “clientreportinglevel” property of “IUpdate Server Configuration” so I wrote a tool to configure the various members of this property: All = Clients should send all reporting information to the server None = Clients should not report update status or activity reports to the server Status Only = Clients should send update status reports to the server, but not activity reports.
For more information on these properties see: Please enter a numeric option: Press ‘1’ to set the client reporting level to ‘ALL’.