Computer cannot contact Microsoft update service to upgrade latest patches if it’s managed by SCCM policy. Sometimes we may need to keep latest patch for testing, security or other purpose, such as when you create a golden image, you always want to keep the system up to date.
I found an article “How To: Remove WSUS Settings and Restore Windows Update Defaults” talks about how to delete registry keys to workaround the restriction.
I also found actually just need to change two keys in registry if you want to enable Windows Update service temporarily.
- Backup registry path below.
HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdate - Go to the same path above.
- Change value of “DisableWindowsUpdateAccess” from “1” to “0”
- Go to following registry path.
HKEY_LOCAL_MACHINESOFTWAREPoliciesMicrosoftWindowsWindowsUpdateAU - Change value of “UseWUServer” from “1” to “0”
I also wrote another post about solution of install standalone patch on Windows Server 2016 for your reference: “The update is not applicable to your computer” When Install Standalone Patch on Windows Server 2016
