Share via

Windows 11 First Boot 'Checking for Updates'

Lee Martin 1 Reputation point
2023-10-06T07:32:56.6266667+00:00

Hi,

I am working on a customer project to deliver Windows 11 from Configuration Manager. Fairly routine engagement but one item that has me a little confused is once the ConfigMgr Task Sequence has completed and Windows 11 boots for the first time, it seems intent on checking for updates and subsequently updating itself.

Whilst this is great the ramifications for an Enterprise who want to have a controlled state means this could be a little 'wild west' in instances , therefore I am trying to ascertain if this is being forced upon or if there is a way to stand this configuration down and allow a controlled check for updates which should be happening anyway via ConfigMgr. Some of the previous answer file attributes no longer seem effective and there doesn't seem to be a huge amount online about this.

For clarification, this is Windows 11 Enterprise, vanilla image being delivered via Configuration Manager.

Thanks in advance

Microsoft Security | Intune | Configuration Manager | Other
Windows for business | Windows Client for IT Pros | User experience | Other
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. XinGuo-MSFT 22,231 Reputation points
    2023-10-09T07:07:53.0633333+00:00

    Hi,

    In Windows 11, the behavior of checking for updates during the first boot can be influenced by Group Policy settings. To control this process in an enterprise environment, you can use Group Policy to configure Windows Update settings.

    Here's how you can do it:

    Press Win + R, type "gpedit.msc," and press Enter to open the Local Group Policy Editor.

    Navigate to "Computer Configuration" > "Administrative Templates" > "Windows Components" > "Windows Update."

    Look for the policy named "Do not connect to any Windows Update Internet locations" and set it to "Enabled." This will prevent Windows from connecting to Windows Update servers during the first boot.

    Additionally, you can configure other policies like "Configure Automatic Updates" to control how updates are installed and scheduled.

    By configuring these policies, you can ensure that Windows 11 Enterprise machines don't initiate uncontrolled updates during the first boot and instead rely on your Configuration Manager for updates.

  2. XinGuo-MSFT 22,231 Reputation points
    2023-10-11T02:48:42.78+00:00

    Considering this requirement, I can propose two methods:

    1. Using a Task Sequence load the registry hive of the full OS, make necessary modifications, and then unload it.
    2. Customize the golden image with applying local policies and skipping OOBE.
    0 comments
  3. Marius Strauch 0 Reputation points
    2025-02-13T12:21:11.5166667+00:00

    Have you ever been able to solve this? I have the exact same issue and cannot find a solution online.

    Thanks!

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.