VMware Horizon Community
suri123
Enthusiast
Enthusiast
‎11-12-2017 06:14 AM

WIndows 10VM Win update services turns back on

WIn10 Windows update service WUAUUSERV  was disabled on the master image,  for some reason the service goes to Triggered manual, remsh.exe
will  re-enabled the Windows Update service.

We are currently running WIN10 1607 LTSB image for our VDI infra, with non-persistence provisioning .   We have been in production for one year with win10 and never seen this occurrence..   We don't have any GPO, SSCM or WSUS client on the VM's to do this..   After further investigation, Microsoft states that it is a default behavior,  We have pushed GPO to stop VDI machines going to MS sites/store for updates. 

I would like to ask the community to see if you have seen this issue and how are you handling this problem? 

Microsoft Reference:   
Windows 10 Home users will receive updates from Windows Update
automatically when it's available. Windows 10 Pro and Windows 10
Enterprise users will have the ability to postpone updates not stop.

https://www.microsoft.com/en-us/windows/windows-10-specifications

Thanks

Suri

0 Kudos
2 Replies
chulerico
Enthusiast
Enthusiast
‎11-14-2017 06:20 AM

Suri,

We have worked with many different versions, and started recently to revisit 2016 LTSB to get a consistent user experience as each new version seems to break components/change structure.

as you stated 2016 LTSB turns updates back on, which I was surprise by it, as I have not seem this before in any other version so there must be a setting in this version that is doing this.

For now I turn prompt on, so updates are not done automatically and we disabled the task schedules for xbox(don't need it and odd that is found in LTSB) and windows updates, and update service has not turn back on since last night, hopefully that does it else further investigation is needed.

Sam

0 Kudos
chulerico
Enthusiast
Enthusiast
‎11-15-2017 12:08 PM

no dice, turning off services, tasks disabled worked, service gets re-activated.

for now using the following settings, at least it waits for updates to be installed.

strange that 2016 LTSB has this behavior, not even server 2012/2016 do this

if this becomes a problem will disable them through firewall/traffic shaping.

Please let me know if you find anything, thanks

(edit) For now I set a false wsus intranet site and that stops the updates.

Sam

Preview file
19 KB
0 Kudos