Roll out Win10 22H2 noninvasively

Question

To avoid updating to Win 11, many of us resorted to rolling out a script to add registry entries under "HKLM>Software>Policies>Microsoft>Windows>Windows Update" to stick to Windows 10 and target version 21H2. Once 22H2 came out, this seemed to stop devices updating to that as well. Meanwhile some devices are on even older versions. As an MSP, you don't have full control over how clients deploy or block updates, so many have "auto update disabled" My question is simply WHY there is no way to run the Windows Update Assistant in the background on all devices to bring them up to 22H2 without forcefully rebooting the machine when you're finished. This makes it totally useless unless you are manually running it on all devices with the dialog shown on screen so users can see when it is going to restart and take action to save/restart themselves. There are scripts to try and monitor the install and cancel it at the point of restart to avoid this, but they are not reliable in testing. Some devices, having edited the registry entry to say 22H2, will update themselves over time, or you can just run Windows Update and there is 22H2 at the top - and it often installs in a fraction of the time of the Update Assistant (which can be 1-3h) as it's probably just using the Feature Unlock ( https://support.microsoft.com/en-us/topic/kb5015684-featured-update-to-windows-10-version-22h2-by-using-an-enablement-package-09d43632-f438-47b5-985e-d6fd704eee61 ) Is there no way to get updates to 22H2 (or later) out to devices without having to book timeslots on every device everywhere to manually run the Update Assistant, or risk scheduling it to run in the background overnight on devices which are then never left on or fail for unknown reasons etc? It seems like either a complete failure on the deployment front, or a complete failure to understand how it's supposed to be done by us.

All help appreciated as this is a major headache

Answer 1

Hi, I'd be happy to help you out with your question. Sorry for the inconvenience caused. First, it's important to understand that Microsoft recommends a restart after installing updates to ensure that all components are properly installed and configured. While it may be inconvenient to have to manually schedule and monitor the update process, it is likely the best way to ensure that the update is successful and does not cause any issues. However, there are some options for automating the update process. One option is to use a Windows Server Update Services (WSUS) server to manage updates across all devices. This allows you to control which updates are deployed and when they are installed, as well as providing centralized reporting and monitoring of the update process. Another option is to use a third-party patch management tool, which can provide similar functionality to WSUS but may be more customizable or easier to use. If you're having trouble updating to the latest version of Windows, there could be a variety of reasons. One common issue is that devices may not have enough free disk space to install the update, so you may need to clear out some unnecessary files or applications to make room. Another issue could be compatibility problems with certain hardware or software, in which case you may need to update drivers or applications before attempting the update. Overall, it's important to carefully plan and test any updates before deploying them, and to have a solid backup and recovery plan in case anything goes wrong during the update process. If you have any other questions or need assistance with anything, please don't hesitate to let me know. I'm here to help.

If the reply was helpful, please don’t forget to upvote or accept as answer, thank you.