2

Windows 10 clients are downloading a lot of the updates from the internet instead of the WSUS server.

The WSUS itself is configured correctly, the clients are also reporting all to the WSUS servers.

and with windows 10 differ-differ version delivery Optimization registry has different settings

How can I avoid this? I saw some posts which say to set the Delivery Optimization to "None" but in my GPOs (updated yesterday) this option is not available.

I can set it to Bypass/Group/HTTP Only/Internet/Lan/Simple.

Also I checked already to change the following registry key to 0 like I saw it in some posts on the web, but 0 = HTTP only and not disabled....

HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization\DODownloadMode

I also enabled the GPO to disable the use of internet update ressources.

Maybe Microsoft change something for this during the last weeks?

So my question: How can i COMPLETLY disable the send and receive from updates with delivery optimaization and force them to go to WSUS

Biren
  • 31
  • 1
  • 9
  • The GPO for this is `Computer Configuration\Policies\Administrative Templates\Windows Components\Delivery Optimization` – duenni Apr 18 '19 at 08:28
  • Are you sure the WSUS updates are being downloaded from the internet? How can you tell? – Harry Johnston Apr 18 '19 at 08:43
  • @harryJohnston yes we are sure i checked client system taking update on local network, we are able to disable Delivery Optimization through GPO but we have different windows 10 editions. – Biren Apr 18 '19 at 09:40
  • Hi @duenni i didn't found that options on 2016 data-center – Biren Apr 18 '19 at 09:56
  • You need to update your Group Policy templates - https://www.microsoft.com/en-us/download/confirmation.aspx?id=57576 – joeqwerty Apr 18 '19 at 11:47
  • Hi @Joeqwerty but i am have checked my Windows 10, version 1809 i'm able to found here Computer Configuration\Policies\Administrative Templates\Windows Components\Delivery Optimization but when go with other version there is not registry for same – Biren Apr 18 '19 at 12:37
  • I don't understand what you're saying. Do you see it on your Domain Controller in the GPMC? If not then you need to update the GP ADMX files on your DC. – joeqwerty Apr 18 '19 at 13:52
  • some windows version i found: -- Updates from more than one place and some windows version i found:- Delivery Optimization – Biren Apr 19 '19 at 05:45
  • Hi @duenni for dilivery optimization we achived how to disable same but some windows version there are different options "update from more than one place " – Biren Apr 20 '19 at 06:02
  • Possible duplicate of [Windows 10 circumvents WSUS](https://serverfault.com/questions/891295/windows-10-circumvents-wsus) – Am_I_Helpful May 05 '19 at 14:32

1 Answers1

1

If you want to completely disable delivery optimization then you need to set the download mode policy to "NONE" You can find the Delivery Optimization Group Policy objects under Computer Configuration > Administrative Templates > Windows Components > Delivery Optimization. Without group policy you can create a new REG_DWORD registry setting named DODownloadMode in HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\DeliveryOptimization with a value of 0

Alternatively you might set it to BYPASS mode (100) to use BITS instead.

Jim B
  • 23,938
  • 4
  • 35
  • 58
  • You might want to address the OPs comment that a value of 0 means "HTTP only" rather than "disabled". (I'm guessing they are synonymous?) – Harry Johnston Apr 18 '19 at 23:27
  • some windows version i found: -- Updates from more than one place and some windows version i found:- Delivery Optimization we just want to stop this behavior and user system only take update from WSUS we have domain join PC around 600 and our Network got stuck when PC's taking updates this way we are think if we configure GPO so it got resolved but due to these two option we are not able to find right GPO – Biren Apr 19 '19 at 05:49
  • so for JUST wsus (no peers) use none (0) if you are OK with peer usage to increase throughput, but want to use BITS instead use bypass mode. Note that by default in Windows 10 Enterprise and Education editions, Delivery Optimization allows peer-to-peer sharing on the organization's own network only. – Jim B Apr 19 '19 at 16:19