@wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.
Yeah, it is at the computer level. I would like to do it via user config but I only want them to apply to users on the RD servers. I need to figure out the proper way to structure AD/GPOs to not screw up everything else.
I am guessing creating another OU as a sub container and move the RD servers into.
Edit: Since it isn't GPP, there isn't any item level targeting, so I can't do it that way.
If you can make those changes directly in the registry, maybe can allow you to use GPP and item level targeting.
A simple restart command doesn't perform the update step, just the restart, so the update doesn't get applied.
This has been an issue for a very long time with windows. I am surprised it hasn't been fixed yet. It's really annoying
Well, at least with Win 7, a standard reboot applies updates. At least, I think it does. The main difference between Win 7 and 10, is that they have switched to the osoclient.exe to manage the updates.
I'm pretty sure server 2008 and onward had the issue. I don't remember dealing with it on workstations
I still have a 2008 R2 box and can test it on the next go 'round. I won't have it much longer, as I am dumping it prior to EOS.
LOL - Didn't make this cutoff. Next week, hopefully.
This would have happened on Server 2012 R2 as well, dual scan has been around and causes a lot of problems as you noted.
It is strange that I didn't have these issues in 2012 R2. I essentially copied the same GPO for 2012 R2 and made some minor changes to it to convert it for 2016. My 2012 R2 show the correct default service.
Weird, I have various Server 2016and now 2019 with WSUS and while dual scan was an issue for me on Server 2012/ 2012 R2 not anymore.
A bit outside your specific question; however on my Exchange servers I just disabled the MSExchange ActiveDirectory Topology Service; doing that prevented the rest of the Exchange services from loading and KB40720650 loaded without issue