Hi,
We have about 110 Vista worktations rolled out throughout our company. We
use SMS 20003 SP3 to approve and push MS security patches out to our Vista
and XP SP2 workstations. Basically I do not want users workstations
connecting to Windows Update.
We have a GPO created to deny user access to Windows Automatic Updates:
Computer Configuration (Disabled)
No settings defined.
User Configuration (Enabled)
Administrative Templates
Start Menu and Taskbar
Policy Setting
Remove links and access to Windows Update Enabled
System
Policy Setting
Windows Automatic Updates Enabled
Windows Components/Windows Update
Policy Setting
Remove access to use all Windows Update features Enabled
The GPO is applied against USERS. This policy is being pushed to Windows XP
SP2 and Vista workstations. The XP SP2 workstations work correctly and cannot
access Windows Update through the Automatic Updates applet in Control Panel.
On a Vista workstation, even though the option in the Automatic Updates
applet are greyed out, the workstation is still going to Windws Update and
downloading and installing the updates after being released by MS on patch
Tuesday.
Shouldn't access to this be disabled based on the GPO mentioned above?
I ran a GPRESULT on the affected workstations and the policy is applying.
Any ideas?
Paul
|
Similar Threads
