Intune has several build-in policy to manage updates and you won't need to change the registry, take a look at:
https://learn.microsoft.com/en-us/mem/intune/protect/windows-update-settings
Intune OMA-URI
hello experts i hope someone can help with the below :
how can i create a custom policy ( oma-uri) with intune to change the below key registry HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU noautoupdate =0
i know it can be done via powershell script using remediation , but i need it as a profile to win over the local group policy i have .
7 answers
Sort by: Most helpful
-
Reza-Ameri 16,826 Reputation points
2021-03-07T18:37:10.12+00:00 -
haZ 21 Reputation points
2021-03-07T19:52:04.507+00:00 Thanks for the reply , i have configured so far AllowMUUpdateService and AllowUpdateService values , but none seems to set the value of the noautoupdate = 0 ...
-
haZ 21 Reputation points
2021-03-07T19:53:30.937+00:00 do you have an idea which csp change this value ??
-
Rahul Jindal [MVP] 9,131 Reputation points MVP
2021-03-07T22:51:54.86+00:00 That won’t work as the GPO will revert it again. What you should do is remove the GPO policy if you want Intune to manage updates on the devices.
-
Lu Dai-MSFT 28,341 Reputation points
2021-03-08T06:54:29.117+00:00 @haZ Thanks for posting in our Q&A.
For this issue, I have done the test in my lab. I tried to deploy a custom policy to enable automatic updates. I can see the policy under "Policies set on your device", but the registry key of noautoupdate is also "1", not set to "0".
So, I think policies have precedence. For this policy, GPO precedes over intune. Given this situation, it is suggested to make it via PowerShell Scripts.
Thanks for understanding.
If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.