Can standalone (not joined to domain ) Windows Server 2019 VM be configured to install updates automatically? [duplicate]
On a freshly-installed, non-domain-joined Windows Server 2019 (with desktop experience) VM, the ability to change Windows Update installation settings seems to have vanished, with the "Some settings are managed by your organization" message:
Viewing the configured update policies shows two set on the device, both with a type of Group Policy:
- Download the updates automatically and notify when they are ready to be installed
- Set automatic update options
However, running rsop
and gpresult
both (as expected) show no group policy objects applied. (It's a standalone system, so no domain policy applies.)
Is this expected?
Amazon also acknowledge this for their 2019 EC2 images, but it seems odd that using gpedit.msc
is the only mechanism for enabling automatic update installation.
Solution 1:
Popping this in an answer, as our workaround at least: we found the EC2 Server 2019 image had automatic update options set in the registry under HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU
.
You can probably just clear these out if you want to set them in the UI, but we overwrote them to force updates into automatic installation, with values:
- AUOptions = 4
- NoAutoUpdate = 0
- ScheduledInstallTime =
- ScheduledInstallDay = 0
- ScheduledInstallEveryWeek = 1