I have an OU of machines that have the SCCM agent, however for these machines I want them to apply updates from Microsoft Windows Updates rather than having their updates managed by SCCM.
Is there a way to have a small number of clients ignore any Windows Updates settings and just go out to Microsoft for their updates as if they had never heard of SCCM and WSUS? My scenario is this. We have allowed 10 or so Windows 7 x86 machines onto the domain for various reasons, while the other 20,000 systems are all Win7 64bit. Rather than check in 32 bit updates every month and all the overhead that entails for a fraction of a percent of machines, I would just like to force those 10 machines to go out to Microsoft for patches. I still want the SCCM agent to collect HW/SW inventory for those machines though. I have a GPO set to force the machines to apply updates once a week, but their definition of what updates to apply seems to be coming from the MP/WSUS server still. They don't find any updates because I have never checked in/approved any 32 bit patches. Can I "opt-out" a set of machines from the SCCM patching system and allow them to go back out to MS Windows Update while keeping the SCCM agent installed? Can a GPO override the settings from SCCM? It seems like it's an all or nothing thing. Currently on SCCM 2007, but am interested if 2012 changes the answer as that is only a month or two away. ________________________________ Notice: This UI Health Care e-mail (including attachments) is covered by the Electronic Communications Privacy Act, 18 U.S.C. 2510-2521, is confidential and may be legally privileged. If you are not the intended recipient, you are hereby notified that any retention, dissemination, distribution, or copying of this communication is strictly prohibited. Please reply to the sender that you have received the message in error, then delete it. Thank you. ________________________________
