24

My Windows 10 Professional (version 1709, build 16299.214) has repeatedly restarted itself in the past in order to install updates. I've set group policies to prevent this, however the system seems to ignore these.

Last night it has happened again and the Event Viewer has recorded the following message:

The process c:\windows\system32\svchost.exe (COMPUTER) has initiated the restart of computer COMPUTER on behalf of user NT AUTHORITY\SYSTEM for the following reason: Operating System: Service pack (Planned) Reason Code: 0x80020010 Shutdown Type: restart

My group policy settings under Computer Configuration > Administrative Templates > Windows Components > Windows Update are as follows:

— Configure Automatic Updates: Enabled, Configure automatic updating: 2 - Notify for download and auto install

— No auto-restart with logged on users for scheduled automatic updates installations: Enabled

All other group policy settings in this section are set to Not configured.

I had not logged off for the night as I never do that. What am I doing wrong?

Improve this question
7
  • 1
    Can you check to what the following regkey is set? HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoRebootWithLoggedOnUsers
    – architekt
    Commented Feb 14, 2018 at 10:35
  • 1
    Thanks. NoAutoRebootWithLoggedOnUsers is set to 1.
    – Bonilla
    Commented Feb 14, 2018 at 11:17
  • The whole section looks as follows: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU] "NoAutoRebootWithLoggedOnUsers"=dword:00000001 "NoAutoUpdate"=dword:00000000 "AUOptions"=dword:00000002 "ScheduledInstallDay"=dword:00000000 "ScheduledInstallTime"=dword:00000003
    – Bonilla
    Commented Feb 14, 2018 at 13:20
  • is HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU\NoAutoUpdate set to 1 too?
    – architekt
    Commented Feb 14, 2018 at 13:21
  • NoAutoUpdate is set to 0
    – Bonilla
    Commented Feb 14, 2018 at 13:37

2 Answers 2

Reset to default
17

You must have 4-Auto download and schedule the install enabled in Computer Configuration\Administrative Templates\Windows Components\Windows update\Configure Automatic Updates policy to have No auto-restart with logged on users for scheduled automatic updates installations option working.

See this table:

enter image description here

Read more detailed here, in Delay automatic reboot chapter:

Manage device restarts after updates

Improve this answer
1
  • Shouldn't it be "3 - Download the updates automatically and notify when they are ready to be installed"? Option 4 just allows you to pick the time, but not delay it. Option 3 seems to allow you to delay it as long as you need, even if it is weeks.
    – pbarney
    Commented Jan 16 at 2:35
11

Windows 10 does what it wants, not what you want.

Windows 10 will change any settings at any time by itself when updates install.

Windows 10 will disable drivers and devices considered incompatible with it, even if they previously worked.

That said, on Win 10 Pro if you really want to disable updates, make sure the update service is permanently disabled.

Additionally, disable it's permissions to restart.

With those 2 properly set, you should be fine.

In the case of wireless connections, you can 'cheat' by enabling Metered connection. That will prevent auto-downloading of updates.

Improve this answer
7
  • 4
    I wouldn't consider "windows 10 just does what it wants" to be a viable solution/answer. We run Win 10 Pro and Enterprise on several hundred computers with windows updates disabled (updates get handled via altiris by symantec) and we haven't got these problems.
    – architekt
    Commented Feb 14, 2018 at 12:47
  • Anti-virus controlling everything is an entirely different scenario. I use Kaspersky too to control updates and firewall rules.
    – Overmind
    Commented Feb 14, 2018 at 13:00
  • 2
    Altiris is not an AV-Software. It's pretty much like SCCM. But that doesn't matter, the fact that windows update itself is disabled (and stays disabled) is whats important and clearly contradicts your answer
    – architekt
    Commented Feb 14, 2018 at 13:15
  • 1
    @ Martin Fischer the point is to have something controlling things, no matter what it is (AV or other). Uncontrolled updates start to make things unusable way too often today. Just look at the one denying all outlook attachments as a relatively recent example.
    – Overmind
    Commented Feb 15, 2018 at 8:02
  • 1
    After updates, it's harder and harder to prevent a reboot. Recently, I manually system-scheduled the reboot to happen in 2099. Then W10 started to spam me with a desktop notification.
    – Overmind
    Commented Mar 2, 2020 at 11:10

You must log in to answer this question.

Not the answer you're looking for? Browse other questions tagged .