Forum Discussion
Solved
Why do Windows 10 hybrid AD clients with GP disabling Windows Update still get updates?
I have a large fleet of Windows 10 Enterprise clients which are Hybrid-joined to our on-premise AD and also connected to Intune for cloud-based management. These devices are purpose-built -- not quit...
- Hello, I would recommend that for these clients you configure the Scan source policy (https://docs.microsoft.com/en-us/windows/deployment/update/wufb-wsus) or since you are still on Windows 10 you can leverage disable dual scan ("Do not allow deferrals to cause scans against Windows Update").
Either of these will prevent updates from being offered from Windows Update. That said, I would recommend against just disabling automatic updates as all that does is prevent devices from automatically scanning, downloading, installing, etc. without end user interaction.
Please let me know if you have any further questions! 🙂
AriaUpdated
Microsoft
MicrosoftHello, I would recommend that for these clients you configure the Scan source policy (https://docs.microsoft.com/en-us/windows/deployment/update/wufb-wsus) or since you are still on Windows 10 you can leverage disable dual scan ("Do not allow deferrals to cause scans against Windows Update").
Either of these will prevent updates from being offered from Windows Update. That said, I would recommend against just disabling automatic updates as all that does is prevent devices from automatically scanning, downloading, installing, etc. without end user interaction.
Please let me know if you have any further questions! 🙂
Either of these will prevent updates from being offered from Windows Update. That said, I would recommend against just disabling automatic updates as all that does is prevent devices from automatically scanning, downloading, installing, etc. without end user interaction.
Please let me know if you have any further questions! 🙂