Jump to content
View in the app

A better way to browse. Learn more.
Pulseway

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

Patch Policy: Server 2016 - Unable to search for Updates or install them (GUI) - greyed out

JohnnyJoker
in Bugs

Featured Replies

Posted

Hello,

today we've noticed that on our Server 2016 OS machines we can't use the Windows Update GUI to Search for or Install Updates.

Controlling it with USOCLIENT startscan & USOCLIENT startinstall works as expected but the Button to Search for new and Install pending Updates is greyed out.

After a bit of testing (blocking our GPO, removing the Pulseway Patch Policy, Resetting Windows Update) it seems that Pulseway sets Registry Keys that interfere with either our (GPO) settings or sets invalid values which in turn lead to an unusable Windows Update GUI.

Server 2019 & 2022 work fine with GPO + Pulseway Patch Policy applied.

Next Screenshot is a Diff of the Registry Keys with just the GPO applied (left) and GPO + Patch Policy applied (right):

image.thumb.png.7f80174114bb10a6361ec6fb0e9577d4.png

 

Our Windows Settings from the Patch Policy are set as follows:

image.thumb.png.a858a730b15a53547ea72ad4ee181d5e.png

I've tested changing the new Drop-Down in the Pulseway Patch Policy from "Automatically download updates and let a user choose when to install" to "Notify before downloading and installing and updates" - which controls the AUOptions Registry Key and changes that to 2, so it matches with our setting from GPO - but unfortunately that didn't change that behaviour (button still greyed out).

I've now tested removing a few keys to see which one's the culprit and manually deleting the Key "SetDisableUXWUAccessSetDisable" (which gets configured with the value 0 by Pulseway) and starting a Scan via "USOCLIENT startscan" restores the button to "Check for updates" in the UI.

"Prevent end users from executing and configuring Windows Update" in the Patch Policy is disabled, so it shouldn't be blocked but then again it's set correctly in the registry and I can't seem to find incompatibilities on that key with Server 2016.
The GPO Value for "Remove access to use all Windows Update features" (which this key sets) is supported on "At least Windows Server 2016 or Windows 10" according to our Windows Server 2022 ADMX.

Do you guys see anything, other than that Key, interfering?

 

 

I'm also experiencing this issue. 

 

Is there any way that we can turn off the Windows Update Management settings, whilst retaining the 3rd party application control functionality?

Please let me know.

    1 hour ago, StefanMcl_Pulseway said:

    Hi Guys, 

    I have raised the bug report with Support, if you like you can pass me on both your emails and I can CC you guys in the chain so that you can stay up to date on it's progress

    Let me know. 

    Thanks, 

    Stefan 

    Thanks Stefan - I've raised this with support also. Please let me know how I DM you! 

    I am also having this problem.  I have many servers that have the Windows Update "install now" button grayed out.  Am I missing something here?  Is there a fix to this issue?

    2023-08-15_14-25-30.png

    • 3 weeks later...
    • Author

    Something changed but I don't know when and what (wasn't kept in the Loop - or I've missed it).

    Anyway, the GUIs behaviour is back to normal for me on Server 2016.

    I didn't diff the registry again but just by glancing over it it seems that some previously set values were removed.

    • 2 months later...

    This issue resolved itself a few months ago, but now appears to be back again! Only affecting Server 2016.

    • Administrators

    @ed247 @JohnnyJoker @JonasB

    Hi All, 

    I believe the issues is still being reviewed by dev However there is the following hotfix that should work. If you run the following script as an administrator it should fix the issue: 
      

    REG DELETE HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v SetDisableUXWUAccess
REG DELETE HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate /v SetDisablePauseUXAccess
USOCLIENT startscan

    Let me know if it works or not, 
    Thanks a mill, 
    Stefan

    • Create an account or sign in to comment

    Go to topic listing

    Similar Content

    Configure browser push notifications
    Chrome (Android)
    1. Tap the lock icon next to the address bar.
    2. Tap Permissions → Notifications.
    3. Adjust your preference.
    Chrome (Desktop)
    1. Click the padlock icon in the address bar.
    2. Select Site settings.
    3. Find Notifications and adjust your preference.