I recently had a client who kept complaining that their office server was randomly rebooting through out the night. I knew when I had done the install of server 2003 I had turned off auto updates so that I could control the update procces myself but the problem sounded like auto updates. Once I did a little investigation I noticed that auto updates was still on and when I tried to change it via the control panel all the options were grayed out and I had no control. I then remebered that active directory’s group policy determines pretty much every thing on a domain controller and since I had just reused the existing policy when I did the reinstall, the automatic updates were still on.
In this article I will show how to turn off auto updates on a domain controller running active directory:
First thing we need to do is open the group policy which is located under administrative tools:
Right click on Windows updates and select properties:
Once the dialog box comes up, select the settings tab and check the disabled radio button:
Once you are done editing select Ok and another box will come up asking if you want to save the Group Policies.msc:
Say yes and then close out the Group Policy Manger screen:
By default the group policy reloads it self every 90 mins but if you cannot wait that long you can force a reload of the group policy by opening a administrator cmd.exe and executing the command:
- gpupdate /force
Remember if you do this that you should manually check for Windows updates pretty frequently in order to keep up with the latest security patches.