Has anyone modified their group policy settings so they can receive the new WUA that is only available via WSUS?
We currently have Automatic Updates disabled via group policy and I'm pretty nervous about enabling it. I've created a GPO with the following settings: * Computer config/Policies/Admin templates/Windows Components/Windows Update/Configure Automatic Updates o Enabled o Configure automatic updating: 4 - Auto download and schedule the install o Scheduled install day: 0 - Everyday o Scheduled install time: 03:00 * User config/Policies/Admin templates/Windows Components/Windows Update/Remove access to use all Windows Update features o Enabled o Configure notifications: 0 - Do not show any notifications I intend to link this GPO to the domain; because there's no GPOs with these settings elsewhere all computer objects should process the computer config and all user objects will process the user config. During testing conducted on a few workstations it appears to work as intended - the WUA is updated to 7.6 from 7.4 and no notifications or reboots occur. But I'm worried about a couple of things: * What other updates (besides WUA) could be delivered automatically and without my control? * If updates besides WUA could be delivered and they require a reboot, on systems where no user is logged on at the time and therefore there is no setting in place to suppress notifications and reboots, i.e. servers, could unexpected reboots be triggered? For anyone who has implemented this do you have any feedback? Daniel.
