Hello @Joseph Hanchey ,
Thank you for posting here.
Hope the information provided by MotoX80 is helpful.
I know that files can be downloaded to a computer from a domain share without a user account (it's how a GPO does it).
A: Would you please tell us what gpo setting you mentioned?
Is it the following GPO setting (copy file from one location to the other location)?
Computer Configuration\Preferences\Windows Settings\Files
OR
User Configuration\Preferences\Windows Settings\Files
But I don't know how to do this manually (without a GPO).
The idea I have is to have a task that will download the patches, install them, and reboot as needed. Regardless if a user is logged in or not.
A: Do you want such a existing task Scheduler that can achieve your requirements?
I'm guessing if I knew how the GPO does it, I could reproduce it for our task.
A: Do you mean one GPO can download the patches, install them, and reboot as needed. Regardless if a user is logged in or not? If so, there is no such existing gpo settings to achieve your requirements.
However, as I mentioned above, you can copy file from one location to the other location via gpo, then if the update files are .msi files, you can install the .msi files via gpo setting below:
Computer Configuration\Software Settings\Software installation
OR
User Configuration\Software Settings\Software installation
After that, you need to restart every machine that apply the GPO above manually.
Reference
Use Group Policy to remotely install software
https://learn.microsoft.com/en-us/troubleshoot/windows-server/group-policy/use-group-policy-to-install-software
Hope the information above is helpful.
Should you have any question or concern, please feel free to let us know.
Best Regards,
Daisy Zhou
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.