Search This Blog

Wednesday, September 18, 2013

Windows Update Unlocked and Manual Trigger

Ever seen this before? Well, this is an old version of Windows, but it would look somewhat similar when you have policies that preset and prevents you from doing a Windows Update. Usually there is nothing you can do about it and hope that you will eventually get the patch, thanks to your company, but if you are the owner of this machine and has admin rights, then read on.
Usually this is caused by GPO or similar policies preventing you from updating. Or you are not in the administrator group. To solve the GPO, you will need to fire up regedit.
  1. Go to HKEY_LOCAL_MACHINE \ SOFTWARE \ Policies \ Microsoft \ Windows \ WindowsUpdate \ AU. 
  2. Delete the keys AUOptions and NoAutoUpdate.
  3. Go to HKEY_CURRENT_USER \ SOFTWARE \ Microsoft \ Windows \ CurrentVersion \ Policies \ WindowsUpdate.
  4. Delete the key DisableWindowsUpdateAccess.
Alternatively, you can also use the Group Policy Editor. 
  1. Fire up GP Editor by running "gpedit.msc" in command prompt.
  2. Go to Computer Configuration\Administrative Templates\Windows Components\Windows Update.
  3. Set "Configure Automatic Updates" to "Not Configured".
  4. Got to User Configuration\Administrative Templates\Windows Components\Windows Update.
  5. Set "Remove Access" to All  and "Windows Update features" to Not Configured.
On server, you may be able to run "gpupdate /force" to restart the policies, but a reboot is one sure way to get it done.

Next, we sometimes wants to fire up Windows Update and do a on demand update. But in a company wide deployment, often you will get a no access page at Microsoft because the Windows Update Server is set to local. So, here is the way to get it done, via script of in command prompt.

You can skip this steps sometimes, but I find that the sure way to trigger the update is sometimes to shutdown and restart the Windows Update Service like this:

net stop wuauserv
net start wuauserv

After this, you can start the actual trigger to Windows Update:

wuauclt /detectnow

This should make the yellow shield at the tray pops up. You may want to see a update status by:

wuauclt /r /ReportNow

This will communicate with the update server and takes a few minutes. 

And when something does crap out, there is always a very detail log in %systemroot%/WindowsUpdate.log. You will find all your problems inside be it wrong server, connection timeout etc.

Now, the above can definitely be put into a script to be run by schedule and you have your own "Automatic Update" so to speak. Have fun updating Windows (and other Microsoft Products)
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)