you should read this Bob https://blogs.technet.microsoft.com/windowsserver/2017/01/09/why-wsus-and-sccm-managed-clients-are-reaching-out-to-microsoft-online/
cheers niall On Tue, Mar 28, 2017 at 3:53 PM, Gerry Hampson <gerry.hamp...@ergogroup.ie> wrote: > That’s the only thing you can do Bob. It’s seems reliable enough so far. > This is the one you need > > > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com] *On Behalf Of *Underwood, Bob > *Sent:* 28 March 2017 14:44 > > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] How to control "Defer Feature Updates" check box? > > > > Thanks Gerry! > > > > I should have also mentioned that we have group policies in place to block > all access to external Windows Update services, since we want to be able to > manage all patches, etc. Have you also seen unreliable results in that > scenario? > > > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Gerry > Hampson > *Sent:* Tuesday, March 28, 2017 8:31 AM > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] How to control "Defer Feature Updates" check box? > > > > That’s not the case Bob. If you are using ConfigMgr and you are on the CBB > track. then you want ConfigMgr to be in charge of feature updates (via > in-place upgrade TS for example). If you or your user check this box then > that changes. You have introduced a “dual scan” scenario whereby the client > will now also scan against Windows updates. The clients will find the new > feature upgrades and will automatically install them. I’ve seen this happen > and it’s not nice when you’re not prepared for it. > > > > I believe this situation will improve with Creators Update where you will > have more control over this dual scan, but for now, this is the situation. > Do not use that setting, manually or by GPO. > > > > Additionally, many ConfigMgr docs tell you to use this setting to define > CBB devices. This information is inaccurate. > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Underwood, > Bob > *Sent:* 28 March 2017 14:03 > *To:* mssms@lists.myitforum.com > *Subject:* RE: [mssms] How to control "Defer Feature Updates" check box? > > > > Hey Niall – > > > > Can you please share that registry key? > > > > As it happens, I’ve got a case open with Microsoft right now, inquiring > about the interaction between the two checkboxes on that screen and SCCM > management. So far I’ve been told that there is no interaction whatsoever, > and that SCCM “wins”… but it seems like that may not be the case? > > > > Thanks! > > > > > > This message has been marked as Medtronic Controlled > > > > *From:* listsad...@lists.myitforum.com [mailto:listsadmin@lists. > myitforum.com <listsad...@lists.myitforum.com>] *On Behalf Of *Niall Brady > *Sent:* Tuesday, March 28, 2017 12:00 AM > *To:* mssms@lists.myitforum.com > *Subject:* Re: [mssms] How to control "Defer Feature Updates" check box? > > > > we removed it by removing the associate UX registry key, that's good > enough but does not prevent the user from manually ticking the box again > > > > On Mon, Mar 27, 2017 at 9:01 PM, RJ Subscriber <rj.subscri...@outlook.com> > wrote: > > If the "Defer Feature Updates" box gets checked in Advanced Options, how > can one use policy or other method to globally uncheck it? Having that box > checked prevents SCCM from seeing Windows 10 1607 updates. I've tried > disabling the GPO, enabling and setting the delay to 0 days and also Not > Configured and the box remains checked and the GPO and resultant registry > settings have no benefit for SCCM. I've deleted the registry settings, too > and still nothing unchecks the box or allows SCCM to find updates. The box > has to be *manually *unchecked. > > > > I think Defer Feature Updates was added as a GPO by an admin to try to > prevent 1607 from being accidently installed on our Enterprise clients > running 1511. Now we can't undo it without manual intervention on dozens > of PCs that have been deployed with Win 10 1607. > > > > Thanks, > > Russell > > > > > > > > > > [CONFIDENTIALITY AND PRIVACY NOTICE] Information transmitted by this email > is proprietary to Medtronic and is intended for use only by the individual > or entity to which it is addressed, and may contain information that is > private, privileged, confidential or exempt from disclosure under > applicable law. If you are not the intended recipient or it appears that > this mail has been forwarded to you without proper authority, you are > notified that any use or dissemination of this information in any manner is > strictly prohibited. In such cases, please delete this mail from your > records. To view this notice in other languages you can either select the > following link or manually copy and paste the link into the address bar of > a web browser: http://emaildisclaimer.medtronic.com > <https://emea01.safelinks.protection.outlook.com/?url=http%3A%2F%2Femaildisclaimer.medtronic.com&data=01%7C01%7Cgerry.hampson%40ergogroup.ie%7C7cb54eb6bedc483f432408d475e161a7%7C8569ca5f57e64cf2ae3c63d83fc633e9%7C1&sdata=eV0ObUzFTCwUysU7X02uDk7joU0x%2BZWrgn9y%2BDf3ScQ%3D&reserved=0> > > > > > > > >