RE: Automatic Updates and Users/Power Users

From: Stegman, William (
Date: 01/13/05

  • Next message: Joe Blatz: "IIS6 on W2k3 DCs"
    Date: Thu, 13 Jan 2005 08:16:33 -0500
    To: <>

    I've noticed one annoyance with SUS and non-admin users. If you're using SUS and a GPO with the automatically download and schedule the install, only admins are able to click yes or no to the subsequent reboot screen after having the updates applied. The no button is grayed out for non-admins.

    -----Original Message-----
    From: Rasmus Rønlev []
    Sent: Wednesday, January 12, 2005 5:14 PM
    Subject: RE: Automatic Updates and Users/Power Users


    If my first post gets through, that needs to be semi-disregarded, was a bit
    quick on the reply button there. Sorry.

    The Windows Update program/service runs as the System Account. And if it's
    set to automaticly download and notify it will ask anyone logged on
    interactively, for permission to install the downloaded patches. Since it
    has rights from the system account it will install updates no problem in
    this setting, from a normal user account and upwards. No problems at all.

    If you use SUS nothing much changes except your Windows Update service will
    now only download updates, that you have accepted to roll out on/from your
    SUS server. In this way you can potentially delay or block rolling out
    certain update packages, which you might not want to deploy in your
    enterprise. The same download/install behaviour described above will still
    be in effect though. I.e. you can use it for everyone with User privileges
    and up.

    I hope that answers the questions somewhat more to the point :)


    Rasmus Rønlev
    Copenhagen Business School, ITSu
    Cell: (+45) 29612544
    Phone: (+45) 38153521
    Fax: (+45) 38153536

    -----Original Message-----
    From: Evan Mann []
    Sent: 12. januar 2005 17:56
    Subject: Automatic Updates and Users/Power Users

    If Automatic Updates is not set via GPO to contact an SUS Server but has
    been set to download updates and notify to install, will a user or power
    user be able to initiate the install?

    If Automatic Updates is set via GPO with the same download/install, but
    from an SUS server, does anything change?

    Essentially, how do I ensure, using Automatic Updates, with and without
    SUS, that a computer that the daily user only has User or Power User
    Access, that the updates can be installed.




  • Next message: Joe Blatz: "IIS6 on W2k3 DCs"

    Relevant Pages

    • Re: System tray icon disappears at 0%
      ... Did you follow the steps laid out to clear the Download folder? ... Did you follow the steps laid out to clear the Software Distribution folder if the above did not resolve the issue? ... Now go back and reenable Automatic Updates so that it loads on Startup by setting it to Automatic. ...
    • Re: System tray icon disappears at 0%
      ... taunting me with a 0% download message. ... Now go back and reenable Automatic Updates so that it loads on Startup ... IE7, so I have never been given the opportunity to even check a box that says ...
    • Re: Looking for twisted love (IE6 SP1)
      ... The site cannot continue because one or more of these Windows services is not running: ... Automatic Updates ... Background Intelligent Transfer Service (helps updates download more quickly and without problems if the download process is interrupted) ... In the list of services, double-click on Automatic Updates and then click Properties. ...
    • Re: Reporting Hackers
      ... Have you patched the programs OTHER than Windows XP/Norton using their ... Patches and Updates! ... How to configure and use Automatic Updates in Windows XP ... are pay - some you can only download if you are registered - but it is best ...
    • RE: SUS server
      ... Subject: SUS server ... Let it sit overnight and recheck the critical updates via Windows ... Properties is set to 4 - Auto Download and Schedule the install. ... SurfControl E-mail Filter for SMTP & Exchange leverages multiple layers ...