Do all the things like ++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatarSign Up
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple APILearn More
So you want to make Windows think that there are no updates by creating your own Windows Update Server who always says 'no'?
Does MS allow this? Are there any predefined libs from MS?
zymk11726y@hypervtechnics short answer yes! 😁
So far in my research a full WUA (windows update agent) API for custom tooling can be accessed if needed. I’m not good with C++ though so if that extra tooling is needed it’s definitely going to take me some extra tome to figure it out.
As for whether or not Microsoft allows this all I can definitively say at the moment is this. If you are running Windows Pro or higher the functionality to use a WSUS server exists in the OS and `can` be configured. MS probably wouldn’t want a 3rd party to be “managing” updates for standard consumers. (Just meaning people without an AD/domain) I’ll dig more into whether this is going to get me into hot water with MS to try and give a better answer for you.
endor58896yDude. Just open gpedit.msc (aka Group Policy Editor) and look for the Windows Updates settings. You have full control over the REAL update settings, including disabling automatic updates and auto-reboot entirely (no "working hours" bullshit). And you can still update manually if you want to.
No need to make your own server, just dive deeper into the settings.
Don't reinvent the wheel.
zymk11726y@endor that was one thought that I had too, and there’s also the option to just blackhole the windows update server urls in there. But I was planning on making something for my startup so I could manage updates for my clients. I do business with a few smaller companies that don’t have the infrastructure in place for a wsus server. I wanted to see if there was any interest by the community to have a “blackhole” update server.
I guess I could just as easily publish powershell scripts that modify local gpo settings for people 😅. With a script that will undo the gpo settings changes for when people are ready to update. I often overthink things.
endor58896yYou don't even need to undo the settings to update, since all you're disabling is *automatic* updates. You can still manually trigger them, and I'm sure it will be a thing (relatively) easy to script (like "download and install all updates when a signal is sent" or something).
Imho making your own custom update server would only be a reasonable solution for a large company and/or large enough community that has pre-agreed on a common update policy (good luck with that...).
Not that it isn't a cool idea, but a little bit overkill imo.
Just my 0.02$