Hello everyone,
I might be saying something wrong, so please feel free to correct me if I am.
I seem to recall that in version 2.5, you could still manually launch updates on the PC? Very handy for laptops that were taken outside and could still update themselves.
Now it seems that this is blocked by rules in the registry, specifically at the policy level.
Is there a solution?
Thanks in advance,
Guillaume
Windows Update to version 2.6
Forum Rules
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
Community Forum Rules
* English support on www.reddit.com/r/wapt
* French community support is available on this forum
* Please prefix the topic title with [RESOLVED] if it is resolved.
* Please do not edit a topic that is tagged [RESOLVED]. Open a new topic referencing the old one.
* Specify the installed WAPT version, full version, and build number (2.2.1.11957 / 2.2.2.12337 / etc.) as well as the Enterprise/Discovery edition.
* Versions 1.8.2 and earlier are no longer supported. The only questions accepted regarding version 1.8.2 are related to upgrading to a supported version (2.1, 2.2, etc.).
* Specify the server OS (Linux/Windows) and version (Debian Buster/Bullseye - CentOS 7 - Windows Server 2012/2016/2019).
* Specify the OS of the administration/package creation machine and the machine with the problematic agent, if applicable (Windows 7/10/11/Debian 11/etc.).
* Avoid asking multiple questions when opening a topic, otherwise it may be ignored. If there are multiple topics, open separate topics, preferably one after the other and not all at the same time (i.e., do not spam the forum).
* Include code snippets, screenshots, and other images directly in the post. Links to Pastebin, Bitly, and other third-party sites will be systematically removed.
* As with any community forum, support is provided voluntarily by members. If you require commercial support, you can contact Tranquil IT's sales department at 02.40.97.57.55
-
sfonteneau
- WAPT Expert
- Messages: 2318
- Registered: July 10, 2014 - 11:52 PM
- Contact :
If that were the case, it was a bug; indeed, Wapt stops the Windows Update service and restarts it on demand, so the update cannot be done manually
-
dcardon
- WAPT Expert
- Messages: 1929
- Registration: June 18, 2014 - 09:58
- Location: Saint Sébastien sur Loire
- Contact :
Hi Guillaume and Simon,
could this be related to the "Dual scan" feature that we've "better" disabled? For your information, Microsoft's "Dual scan" **by default** allows a managed WSUS client (or other) to download KBs from the Microsoft Updates website that are also provided by its WSUS server. This saves bandwidth on the WSUS server, but it's a bit strange in terms of data flow.
We handled this scenario a bit better in version 2.6 by forcing the connection through the WAPT server or secondary repositories, which may have indirectly eliminated this usage you had in version 2.5...
Is your WAPT server accessible from workstations in the field or not (DMZ)? With version 2.6 and client certificate security, it's possible to put the WAPT server directly on the internet without having to configure additional security settings (but double-check the WADS configuration first).
Best regards,
Denis
could this be related to the "Dual scan" feature that we've "better" disabled? For your information, Microsoft's "Dual scan" **by default** allows a managed WSUS client (or other) to download KBs from the Microsoft Updates website that are also provided by its WSUS server. This saves bandwidth on the WSUS server, but it's a bit strange in terms of data flow.
We handled this scenario a bit better in version 2.6 by forcing the connection through the WAPT server or secondary repositories, which may have indirectly eliminated this usage you had in version 2.5...
Is your WAPT server accessible from workstations in the field or not (DMZ)? With version 2.6 and client certificate security, it's possible to put the WAPT server directly on the internet without having to configure additional security settings (but double-check the WADS configuration first).
Best regards,
Denis
Denis Cardon - Tranquil IT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Share your experiences on WAPT! Send us your blog and article URLs in the "Your Opinion of the forum, and we'll feature them on the WAPT
Thanks for the feedback!
No, our WAPT server is only accessible internally, which is why we'd like the mobile devices that go out into the field to be able to update automatically when there are security updates.
I'm not sure what the best solutions are for this.
At one point, I started developing a script that modified the agent's configuration based on its IP address, but I didn't find that solution ideal.
Thanks for your feedback.
Have a good day.
No, our WAPT server is only accessible internally, which is why we'd like the mobile devices that go out into the field to be able to update automatically when there are security updates.
I'm not sure what the best solutions are for this.
At one point, I started developing a script that modified the agent's configuration based on its IP address, but I didn't find that solution ideal.
Thanks for your feedback.
Have a good day.
