HP 4320t Using Microsoft® Baseline Security Analyzer 2.2 and Windows& - Page 21
How to Enable Windows Update, HKEY Local Machine, HKEY Current User - support
View all HP 4320t manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 21 highlights
• The device is end user-managed-not IT-managed. • More than one reboot may be required to complete full installation of QFEs on WES 7. • Modifications of system environment variables may be required to install QFEs and the restore system to prior state. • The Windows Update agent will be disabled via system policies by default in the HP WES 7 image. HP recommends that HP customers use the Microsoft Base Line Security Analyzers to identify needed QFEs, and then utilize a server push model to deliver QFEs and updates to deployed units. Preferably, all QFEs and updates would be pretested and qualified against a Golden Master image before being mass deployed. HP strongly recommends this model to prevent QFEs and updates from corrupting or adversely modifying deployed images. See Microsoft Baseline Security Analyzer 2.2 for more information. How to Enable Windows Update The following section explains how to enable Windows Update on HP WES 7 images. Two OS policies need to be disabled before Windows Update website will recognize and communicate with the client system. One policy is a global system policy in HKEY Local Machine and the other is user profile-specific that needs to be disabled on each user profile on the system: HKEY Local Machine HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersio n\Policies\WindowsUpdate 1. DisableWindowsUpdateAccess = REG_DWORD 0x00000001 2. Change DWORD to 0 to disable. 3. Change DWORD to 1 to enable. HKEY Current User HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion \Policies\Explorer 1. NoWindowsUpdate = REG_DWORD 0x00000001 2. Change DWORD to 0 to disable. 3. Change DWORD to 1 to enable. A reboot is required after changing registry settings to enable support. If the File-Based Write Filer (FBWF) is enabled, remember to disable to the write filer before making any registry changes. If the Enhanced Write Filter (EWF) is enabled, either disable the write filter before making registry modifications or commit the overlay after making registry changes so the settings are persisted. 21