ML
    • Recent
    • Categories
    • Tags
    • Popular
    • Users
    • Groups
    • Register
    • Login

    Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?

    IT Discussion
    windows windows server windows server 2016 rds remote desktop server gpo windows updates windows update
    4
    11
    4.5k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • wrx7mW
      wrx7m
      last edited by

      I found this setting, which is applicable to at least Win 10 and Server 2016
      fdd3ffc8-6d7b-47d7-8d97-1440dffa2891-image.png

      However, it restricts admins from performing updates.

      1 Reply Last reply Reply Quote 0
      • wrx7mW
        wrx7m
        last edited by

        With the above setting enabled, not even admins can run checks for updates.
        8883c7c8-e115-4185-a8bb-bdcb4cd4b971-image.png

        M black3dynamiteB 2 Replies Last reply Reply Quote 1
        • M
          manxam @wrx7m
          last edited by

          @wrx7m : The "not available to administrators" is an easy fix with GPO, but does this latter policy also block pending update/reboot notifications as the prior did on ≤ 2012 R2?

          wrx7mW 1 Reply Last reply Reply Quote 0
          • black3dynamiteB
            black3dynamite @wrx7m
            last edited by

            @wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.

            wrx7mW 1 Reply Last reply Reply Quote 3
            • pmonchoP
              pmoncho
              last edited by

              Do you have any of these policies set?

              User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Remove Notifications and Action Center

              User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off all balloon notifications

              User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off feature ad balloon notifications

              User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off notification area cleanup

              wrx7mW 1 Reply Last reply Reply Quote 1
              • wrx7mW
                wrx7m @black3dynamite
                last edited by wrx7m

                @black3dynamite said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                @wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.

                Yeah, it is at the computer level. I would like to do it via user config but I only want them to apply to users on the RD servers. I need to figure out the proper way to structure AD/GPOs to not screw up everything else.

                I am guessing creating another OU as a sub container and move the RD servers into.

                Edit: Since it isn't GPP, there isn't any item level targeting, so I can't do it that way.

                black3dynamiteB 1 Reply Last reply Reply Quote 0
                • wrx7mW
                  wrx7m @pmoncho
                  last edited by

                  @pmoncho said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                  Do you have any of these policies set?

                  User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Remove Notifications and Action Center

                  User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off all balloon notifications

                  User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off feature ad balloon notifications

                  User -> Policies -> Admin Templates -> Start Menu/Taskbar -> Turn off notification area cleanup

                  I don't think I have those setup or specific to the RD servers.

                  1 Reply Last reply Reply Quote 0
                  • wrx7mW
                    wrx7m @manxam
                    last edited by wrx7m

                    @manxam said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                    @wrx7m : The "not available to administrators" is an easy fix with GPO, but does this latter policy also block pending update/reboot notifications as the prior did on ≤ 2012 R2?

                    I don't know if that will block the notifications. But, I do know that I don't want some random user trying to update the servers.

                    1 Reply Last reply Reply Quote 0
                    • black3dynamiteB
                      black3dynamite @wrx7m
                      last edited by

                      @wrx7m said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                      @black3dynamite said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                      @wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.

                      Yeah, it is at the computer level. I would like to do it via user config but I only want them to apply to users on the RD servers. I need to figure out the proper way to structure AD/GPOs to not screw up everything else.

                      I am guessing creating another OU as a sub container and move the RD servers into.

                      Edit: Since it isn't GPP, there isn't any item level targeting, so I can't do it that way.

                      If you can make those changes directly in the registry, maybe can allow you to use GPP and item level targeting.

                      wrx7mW 1 Reply Last reply Reply Quote 1
                      • wrx7mW
                        wrx7m @black3dynamite
                        last edited by

                        @black3dynamite said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                        @wrx7m said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                        @black3dynamite said in Windows Server 2016 RDS - GPO for Disabling Windows Update Notifications for Non-Admins/Users?:

                        @wrx7m Is that a computer configuration or user configuration policy? Try applying the rules to only non-admins groups.

                        Yeah, it is at the computer level. I would like to do it via user config but I only want them to apply to users on the RD servers. I need to figure out the proper way to structure AD/GPOs to not screw up everything else.

                        I am guessing creating another OU as a sub container and move the RD servers into.

                        Edit: Since it isn't GPP, there isn't any item level targeting, so I can't do it that way.

                        If you can make those changes directly in the registry, maybe can allow you to use GPP and item level targeting.

                        Hmmm. That makes sense. Let me mull it over.

                        1 Reply Last reply Reply Quote 0
                        • 1 / 1
                        • First post
                          Last post