cervezagallo Posted January 11, 2017 Report post Posted January 11, 2017 Our Windows 10 Enterprise PCs were getting updates directly from the Internet saturating our pipe. To stop this behavior we had to block a range of WindowsUpdate IP at the firewall but later just stopped the Windows Update service on every Windows 10 1607 PC. We are using SCCM 1610 (WSUS installed same server) - Windows 7 PCs not a problem just Windows 10.By doing an RSOP to a workstation, the Specify Intranet Microsoft Update Service Location points to http://server.contosto.com:8530, our GPOs are the following: Administrative Templates/Windows Components/Windows Update/Defer Windows Update/Defer Select when Feature Updates are received - Enabled - 180 days Administrative Templates/Windows Components/Delivery Optimization Download mode - bypass Under Settings, Choose how updates are delivered - When this is turned on, your pc ... that settings is gray out, PCs on my local network and PCs on my local network and PCs on the Internet nothing (no option selected.)How do you stop from Windows 10 1607 to get updates to the Internet? What am I missing? That shouldn't be the behavior, we like to control when updates are delivered. Quote Share this post Link to post Share on other sites More sharing options...
cumbrianblues Posted March 2, 2017 Report post Posted March 2, 2017 Hi I've just discovered this as an issue when looking at the latest hotfix for 1610, apparently its a known issue when the defer updates option is set in GPO, Microsoft recomment that you DO NOT set these GPO's as it will cause a dual scan issue. https://support.microsoft.com/help/4010155 is the article related to the hotfix, however I've also come accross these two article as well:- https://blogs.technet.microsoft.com/windowsserver/2017/01/09/why-wsus-and-sccm-managed-clients-are-reaching-out-to-microsoft-online/ https://blogs.technet.microsoft.com/askpfeplat/2017/02/21/identifying-waas-systems-using-config-manager/ So that begs the question, how the hell do you set the machines up for CB and CBB? I've been on it the last two days tryign to work it out but cannot figure it out without setting these GPO's aarrggghhhh!!! Quote Share this post Link to post Share on other sites More sharing options...
