SOLVED: How to Control Windows 10 Updates From a WSUS Server

As you likely have figured out Windows 10 ignores the Re-Prompt for restart with scheduled installations GPO which is very unfortunate because it worked so well.  Given this you now have two apparent choices, let your Windows 10 PC’s reboot automatically or not.windows-10-windows-updates-control-reboots

Fortunately the GPO:

COMPUTER CONFIGURATION > POLICIES > ADMINISTRATIVE TEMPLATES > WINDOWS COMPONENTS > WINDOWS UPDATE > No auto-restart with logged on users for scheduled automatic updates installations 

does still work.

This means you can push out your updates to Windows 10 PC’s and if no one is logged in they will reboot automatically.  For your power users that are still logged in and have work open, nothing will happen.  You send your staff an email asking them to reboot over a given time frame (say 2 weeks) and then you can change the NO AUTO-RESTART GPO to DISABLED for a few days which will forcibly cycle any remaining user who did not reboot.

After which you can change the NO AUTO-RESTART GPO back to ENABLED to get ready for your next round of patches.

This is not an elegant solution, but it is the best I have come up with so far.

Leave a Reply