20

I have windows 10 home, and I'm logged in as my user, which has administrator privilege. I go in the "Task Scheduler", under "Task Scheduler Library > Microsoft > Windows > UpdateOrchestrator", there's a task named "Reboot". I right-click for the properties, go on "Conditions" and disable "Wake the computer to run this task". When I click on "OK" to save the modification, it asks me for a user+password. (The window says "Enter user account information for running this task").

The "User name" field already comes by default with the value "S-1-5-18" which apparently is one of the internal users of windows. I tried using my password to no success. I changed the user to my user and try my password, also no success. I enabled the "Administrator" user and tried the same with that user, also no success.

The message that it gives me is: "An error has occurred for task Reboot. Error message: The following error was reported: 2147943004". I don't know a correct user/password to change the setting, and I don't know how to take ownership or change permissions so that it won't ask for a user/password.

I'm really upset that there's some setting that I can't modify in my own computer, so I want to know why, and how to get the proper permissions. I seem to have the same problem as this guy, but he never got an answer on how to change this setting. He managed to disable it, I did it too, but still I want to know what I was supposed to do to change the setting, regardless of disabling the task. Also, he's in win10pro and I'm in win10home, so I don't have access to lusrmgr.msc or gpedit.msc.

Improve this question

8 Answers 8

Reset to default
12

windows 10 home [...]

upset that there's some setting that I can't modify in my own computer ... I want to know why

You answer your own question. Home is for home users who do not necessarily have the capability to manage or maintain their systems. In locking home users out of some settings like this Microsoft are making some attempt to prevent the horrors of the XP era of unpatched systems where people have turned off updates because they don't understand why they need them and the implications of not getting them.

On to the guts of your question. S-1-5-18 is the LocalSystem user, this is a highly privileged account that normal users, even administrators, are not supposed to be able to interfere with on a day to day basis.

The idea is that we control windows through the userland tools and the operating system will make the necessary changes to the underlying processes that execute as system. Hence your inability to take control of the task you mention. The theory is that you don't change things here, you should be changing them in the graphical interface that you access through the usual settings window.

However there are tricks that you can use to bypass these protections.

To run with the privileges of SYSTEM you can do the following:

  • Get a copy of PSEXEC from sysinternals
  • Run the following in an Administrative CMD window
    • PSEXEC /S CMD.EXE

This will give you a command shell running as SYSTEM in session 0. From here you can execute commands as that user, meaning you will be able to change the function of those scheduled tasks

SCHTASKS /Change is your most likely option, from here you can take control of the tasks, stop, start, delete

Improve this answer
11
  • 2
    I've tried this and can't get it to work after doing PSExec: C:\WINDOWS\system32>SCHTASKS /Change /tn "\Microsoft\Windows\UpdateOrchestrator\Reboot" /DISABLE ERROR: Access is denied. No matter what I do, I can't disable or change the user or change the wake timer setting of this scheduled task.
    – mkmurray
    Commented Dec 14, 2017 at 17:24
  • 1
    "you should be changing them in the graphical interface" .... well, that's what I was trying :-/ I think it's even worse that I can see a GUI option but can't change! I'd be less upset if I couldn't see it. :( Anyway, the psexec worked and I can disable the service, thanks. ^_^ It's not the same as changing the settings, but works. Still, my windows rebooted for an update even with the service disabled and "Windows Updates" service set to "manual". Boy sometimes I do hate microsoft.... >:-( Back at investigations... :-/ PS: I'm intrigued by @mkmurray's case, I wish he'd post a question. :$
    – msb
    Commented Dec 17, 2017 at 19:28
  • We are running Windows 10 Enterprise and have the same issue. Also, do you assume anyone with Windows 10 Home computers don't know anything? So your snobby "Windows Home" comment... I don't know how to complete this sentence without sounding like an ass so I'll just leave it here. P.S. Your method doesn't work. It was helpful because I learned something from it, however the system still reboots after updates are installed.
    – Ryan
    Commented Sep 14, 2019 at 2:24
  • @Ryan " I don't know how to complete this sentence without sounding like an ass" don't worry, you've already achieved that.
    – Patrick
    Commented Sep 17, 2019 at 10:53
  • 2
    This was part of the answer for me. @jkiv below mentioned to run psexec -s -i cmd.exe. The extra -i allows the command to interact with the desktop, so when you then run taskschd.msc in the new window, it will launch the Task Scheduler UI which is much more user friendly to navigate than to sort out the correct command line arguments. In other words, this extra -i flag lets you run Task Scheduler just like you would expect as an admin of your own device and you don't get prompted for passwords anymore since the -s is running as the system user.
    – Jeff Neet
    Commented Jul 14, 2020 at 17:05
15

Success. After much trying, this is what works for me on Windows 10 Home. Download PSExec.

PSEXEC /S CMD.EXE
SCHTASKS /Change /tn "\Microsoft\Windows\UpdateOrchestrator\Reboot" /DISABLE
You should get: SUCCESS: The parameters of scheduled task "\Microsoft\Windows\UpdateOrchestrator\Reboot" have been changed.

Improve this answer
1
  • 3
    Mine is already disabled, and the computer just rebooted again. Boy I hate M$. >:-/
    – msb
    Commented Oct 14, 2018 at 8:34
10

I'm using Windows 10 Pro and was having a similar issue. I wasn't able to change my "Wake the computer to perform this task" setting on the reboot task using the task scheduler UI, but found I eventually could using this method:

Using psexec as Patrick suggested:

  1. Run a command prompt as administrator.
  2. Navigate to where the psexec executable is located.
  3. Run .\psexec -s -i cmd.exe to open a new cmd window.
  4. In the new cmd window run taskschd.msc (or %windir%\system32\taskschd.msc).
  5. Edit your task like before. You shouldn't be prompted for credentials.

I started looking for a solution for this when Windows would wake my computer from sleep to force a reboot. The problem is my bootloader pins the CPU at 100% while it waits for my input. My laptop is often closed when this happens and it becomes hot to the touch. I'm worried for my desktop too, which hasn't been acting normal since I started finding it sitting at the bootloader in the morning, with all the fans on.

Improve this answer
4
  • 2
    It's been about a month now, and I can confirm this did nothing to prevent the computer from waking to reboot on updates.
    – jkiv
    Commented Aug 20, 2018 at 12:34
  • 1
    Try my solution.
    – AveYo
    Commented Sep 26, 2018 at 8:13
  • Thank you for this. That -i was the missing piece I needed to be able to get the taskschd.msc UI to run. I've been having a similar problem. Every time I put my computer to sleep, I come back to find it at a Blue Screen. Checking the Event Viewer, the last thing that happens is one of these update tasks runs doing a Backup Scan and then something fails miserably.
    – Jeff Neet
    Commented Jul 11, 2020 at 7:05
  • You definitly save my nights ! :)
    – OOM
    Commented Sep 20, 2020 at 0:04
2

windows_update_reboot_toggle.bat
Disable protected reboot and wake tasks. No external tools needed. Built-in undo. 

@echo off &title Windows Update Reboot Toggle
reg query "HKEY_USERS\S-1-5-20\Environment" /v TEMP >nul 2>nul || goto need_admin_rights

set "updatetasks=HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator"
call :check_status "%updatetasks%\Reboot"
echo.
echo      ---------------------------------------------------------------------
echo     :                  Windows Update Reboot Toggle v4.6                  :
echo     :---------------------------------------------------------------------:
echo     : Prevent protected reboot and wake to run tasks without disabling WU :
echo     :           Just run this script again to toggle tasks on/off         :
echo     :                                                                     :
echo     :                          Currently: %STATUS%%_%                     :
echo     :                                                                     :
echo     : Press Alt+F4 to cancel                    Always run latest version :
echo      ---------------------------------------------------------------------
echo       All-around Windows Update Toggle available at https://git.io/vx2et
echo.
timeout /t 10 &echo.

:: Use Reg_TakeOwnership snippet to unprotect UpdateOrchestrator task cache registry keys
reg add "%updatetasks%\Reboot" /v checkrights /d 1 /f >nul 2>nul || call :reg_takeownership "%updatetasks%" Administrators recursive
reg delete "%updatetasks%\Reboot" /v checkrights /f >nul 2>nul
:: Toggle Reboot task
call :toggle_task "%updatetasks%\Reboot"
:: Toggle Schedule Retry Scan task
call :toggle_task "%updatetasks%\Schedule Retry Scan"
:: Update status
call :check_status "%updatetasks%\Reboot"
echo.

:: Done!
echo -------------------------------------
echo  Windows Update Reboot Tasks now: %STATUS%
echo -------------------------------------
echo.
pause
exit

::----------------------------------------------------------------------------------------------------------------------------------
:: Utility functions
::----------------------------------------------------------------------------------------------------------------------------------
:check_status %1:TaskCache entry in registry
reg query "%~1" /v "Id_OFF" >nul 2>nul && set "STATUS=OFF" || set "STATUS=ON!"
set "_=        " &if "%STATUS%"=="OFF" ( color 0c ) else color 0b
exit/b

:toggle_task %1:TaskCache entry in registry
reg query "%~1" /v "Id_OFF" >nul 2>nul && set "isOFF=1" || set "isOFF="
reg query "%~1" /v "Id" >nul 2>nul && set "isOFF=" || set "isOFF=1"
if defined isOFF ( call :reg_query "%~1" "Id_OFF" ID_BACKUP ) else call :reg_query "%~1" "Id" ID_BACKUP
if defined isOFF ( reg delete "%~1" /v "Id_OFF" /f &reg add "%~1" /v "Id" /d %ID_BACKUP% /f )
if not defined isOFF ( reg delete "%~1" /v "Id" /f &reg add "%~1" /v "Id_OFF" /d %ID_BACKUP% /f )
exit/b

:reg_takeownership %1:regkey[ex:"HKCU\Console"] %2:_user[optional, default:"Administrators"] %3:_recursive[optional, default:""]
set "s10=$dll0='[DllImport(''ntdll.dll'')]public static extern int RtlAdjustPrivilege(ulong a,bool b,bool c,ref bool d);'; $ntdll="
set "s11=Add-Type -Member $dll0 -Name NtDll -PassThru; foreach($i in @(9,17,18)){$null=$ntdll::RtlAdjustPrivilege($i,1,0,[ref]0)};"
set "s12=function Reg_TakeOwnership { param($hive, $key, $own, $inherit=$false);"
set "s13= $reg=[Microsoft.Win32.Registry]::$hive.OpenSubKey($key,'ReadWriteSubTree','TakeOwnership');"
set "s14= $acl=New-Object System.Security.AccessControl.RegistrySecurity; $acl.SetOwner($own); $reg.SetAccessControl($acl);"
set "s15= $acl.SetAccessRuleProtection($false,$false);$reg.SetAccessControl($acl);"
set "s16= $reg=$reg.OpenSubKey('','ReadWriteSubTree','ChangePermissions'); if($inherit){"
set "s17= $rule=New-Object System.Security.AccessControl.RegistryAccessRule($own,'FullControl','ContainerInherit','None','Allow');"
set "s18= $acl.ResetAccessRule($rule);$reg.SetAccessControl($acl);} }; $rk=$regkey -split '\\\\',2; $key=$rk[1];"
set "s19=switch -regex ($rk[0]) { '[mM]'{$HK='LocalMachine'};'[uU]'{$HK='CurrentUser'}; default {$HK='ClassesRoot'}; }; $HK; $key;"
set "s20=if($user -eq ''){$user='Administrators'}; [System.Security.Principal.NTAccount]$owner=$user; $rcsv=($recursive -ne '');"
set "s21=Reg_TakeOwnership $HK $key $owner $true; if($rcsv){$r=[Microsoft.Win32.Registry]::$HK.OpenSubKey($key);"
set "s22=foreach($sk in $r.GetSubKeyNames()){$sk; try{ Reg_TakeOwnership $HK $($key+'\\'+$sk) $owner }catch{} }} "
setlocal & for /l %%# in (10,1,22) do call set "ps_RegTakeOwnership=%%ps_RegTakeOwnership%%%%s%%#:'=\"%%"
powershell.exe -c " $regkey='%~1';$user='%~2';$recursive='%~3'; %ps_RegTakeOwnership%;"
endlocal & exit/b                                         AveYo: call :reg_takeownership "HKLM\MyKey" "NT Service\TrustedInstaller"

:reg_query %1:KeyName %2:ValueName %3:OutputVariable %4:other_options[example: "/t REG_DWORD"]
setlocal & for /f "skip=2 delims=" %%s in ('reg query "%~1" /v "%~2" /z 2^>nul') do set "rq=%%s" & call set "rv=%%rq:*)    =%%"
endlocal & set "%~3=%rv%" & exit/b                                              AveYo: call :reg_query "HKCU\MyKey" "MyValue" MyVar

:need_admin_rights
color 0c&echo. &echo  PERMISSION DENIED! Right-click %~nx0 ^& Run as administrator &timeout /t 60 &color 0f&title %COMSPEC% &exit/b
::end
Improve this answer
1

disable Windows Orchestrator from waking computer

  1. Get a copy of PSEXEC from sysinternals
  2. Run the following in an Administrative CMD window to elevate to SYSTEM user:
    psexec -s -i cmd.exe
  3. Run elevated Task Scheduler with SYSTEM user privileges: taskschd.msc
  4. Go to Windows\UpdateOrchestrator\
  5. Change all to disabled
  6. Go to this folder and become the owner: C:\Windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator properties > security > advanced > Change... > administrators > ok
  7. Close and open the same dialog
  8. Now change the rights of the SYSTEM principal and deny write rights so it cannot re-enable itself
  9. Done!
Improve this answer
0

When you say "home", you of course mean Win 10 Home vs Win 10 Pro? I ask because I have several computers, all Windows 10 Home, and most let me modify the tasks without that admin password popping up, but a few don't. Home version doesn't make a difference, something else is preventing changes.

I would venture a guess that you can modify the tasks from a clean installation of Win 10 BEFORE you do any updates... however once updates go through, you lose control over many system features like tasks. Deleting tasks does no good, you have to delete the triggers inside of the tasks and then try to disable them all after a clean installation.

Improve this answer
0

I was able to disable it by going to the following path, backing up the old task, and making a new blank one.

%windir%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator

If that doesn't work in your OS version, try the .bat or the registry change in this link but I don't know if it might cause problems for you.

Improve this answer
0

Here is how I got it to work for me.

Go to %windir%\System32\Tasks\Microsoft\Windows\UpdateOrchestrator right click and choose "properties" of the "reboot" file inside the folder click the "security" tab in the properties window click the "advanced" button Under permissions tab click the "continue" button Change from deny to allow for Administrators and Everyone Say yes to the warnings that pop up Hit "apply" button Hit "ok" Delete the file by right clicking and choosing to delete, no admin shield shown now.

Then I did this from an elevated CMD prompt. PSEXEC /S /I CMD.EXE SCHTASKS /Change /tn "\Microsoft\Windows\UpdateOrchestrator\Reboot" /DISABLE

I got: SUCCESS: The parameters of scheduled task "\Microsoft\Windows\UpdateOrchestrator\Reboot" have been changed.

I then launched the Task Scheduler went to the reboot task location and it showed as disabled, even though I did not recreate the file, but once you run the SCHTRASKS command it will recreate the task , but marks it as disabled.

At least this worked for me, and the timer hasn't caused a reboot yet....fingers crossed.

For those who say the file doesn't exist there. Window Screenshot

*Update, it worked for 24 hours, then I had to re-run the steps to stop the reboot process again.

Improve this answer
0

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .