This post provide technical support to Configuring Automatic Updates by using local Group Policy. Group Policy is a powerful tool for controlling the configuration of desktops and servers on an Active Directory network, but Group Policy's lesser cousin, Local Group Policy, can also be useful to know about. In a domain environment, Group Policy objects (GPOs) can be linked to domain, organizational unit (OU), and site containers to control hundreds of settings for users and computers in these containers.
Configuring Automatic Updates by using local Group Policy
1. Click Start, and then click Run.
2. Type gpedit.msc, and then click OK.
3. Expand Computer Configuration.
4. Right-click Administrative Templates, and then click Add/Remove Templates.
5. Click Add, click Wuau.adm in the Windows\Inf folder, and then click Open.
6. Click Close.
7. Under Computer Configuration, expand Administrative Templates, expand Windows Components, and then expand Windows Update.
The Configure Automatic Updates policy appears. This policy specifies whether the computer receives security updates and other important downloads through the Windows Automatic Updates feature. The settings for this policy let you specify if automatic updates are enabled on the computer. If the service is enabled, you must select one of the three configuration options.
8. To view the policy settings, double-click the Configure Automatic Updates policy.
9. To turn on Automatic Updates, click Enabled in the list of options that appear at the top of the Setting tab.
If you click Enabled, you must select one of the three configuration options that are listed in step 10.
10. Select one of the following three options:
* 2 - Notify for download and notify for install
When Windows finds updates that apply to this computer, an icon appears in the notification area, and a message appears that states that the updates are ready to be downloaded. If you click either the icon or the message, the option that you use to select the updates you want to download appears. Windows downloads the selected updates in the background. When the download is complete, the icon appears in the notification area again, and a message appears that states that the updates are ready to be installed. If you click either the icon or the message, the option that you use to select the updates you want to install appears.
* 3 - Auto download and notify for install
Note This setting is the default setting.
Windows finds updates that apply to your computer, and then downloads these updates in the background.The user is not notified or interrupted during this process. When the download is complete, the icon appears in the notification area, and a message that states that the updates are ready to be installed appears. If you click either the icon or the message, the option that you use to select the updates you want to install appears.
* 4 - Auto download and schedule the install
To specify the schedule, select the appropriate options in the Group Policy Settings dialog box. If you do not specify a schedule, the default schedule for all installations is used. This schedule is every day at 3:00 A.M. If any one of the updates require you to restart the computer to complete the installation, Windows restarts the computer automatically. (If a user is logged on to the computer when Windows is ready to restart it, the user is notified that Windows will restart. The user can chose to delay the restart operation.)
If you select 4 - Auto download and schedule the install you can set a recurring schedule. If you do not set a schedule, all updates are downloaded and installed every day at 3:00 A.M.
* Other Options
Additionally, you can select either the Disabled option or the Not Configured option. If you select Disabled, an administrator must download and install any available updates manually from the Microsoft Windows Update Web site.
If you select Not Configured, the status of Automatic Updates is not specified at the Group Policy level. The status is either "enabled" or "not enabled." However, an administrator can still configure Automatic Updates by using Control Panel. Control Panel includes the same settings that are available in Group Policy.
Note An updated Administrative Template (.adm file) is now available for use with the Automatic Updates feature in Windows Server 2003 and the Software Update Services (SUS) Service Pack 1 (SP1) client. This updated policy file adds two new policies:
* Reschedule Automatic Updates scheduled installations
This policy specifies the time that Automatic Updates has to wait after the computer starts, before it proceeds with a scheduled installation that was missed previously.
* No auto-restart for scheduled Automatic Updates installations
This policy specifies that Automatic Updates will wait for the computer to be restarted by any user who is logged on to complete a scheduled installation. If this policy is not used, the computer restarts automatically.
