Menu
I want to update group policy in windows server using command line. I don't want programatic way. I read this & this, and then tried delete registry keys based on the mapping of group policy and registry keys, but the group policy didn't got updated.
Specifically, I want to set Computer Configuration\Administrative Templates\Windows Components\Windows Update\Configure Automatic Updates to Not configured in group policy.
So, I ran following commands,
C:\Windows\system32>reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v ScheduledInstallTime /f
The operation completed successfully.
C:\Windows\system32>reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v ScheduledInstallDay /f
The operation completed successfully.
C:\Windows\system32>reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v NoAutoUpdate /f
The operation completed successfully.
C:\Windows\system32>reg delete HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU /v AUOptions /f
The operation completed successfully.
But after that the group policy wasn't updated. Do I need to run another command to propagate my registry changes to group policy? If yes, what is it? What am I missing?
I tried, gpupdate /force, it overrided my registry changes. I need converse of this.
906
Option 3: Open Local Group Policy Editor in Command Prompt From the Command Prompt, type 'gpedit. msc' and hit 'Enter.
The gpresult command displays the resulting set of policy settings that were enforced on the computer for the specified user when the user logged on.
How to change group policy from the command line? Voila:
LGPO.exe – Local Group Policy Object Utility, v1.0
51
For group policy objects in a domain, registry-based group policy settings can be configured from the command line using Powershell. If you are not running on a domain controller, the Group Policy Management Console must be installed.
See Group Policy Cmdlets in Windows PowerShell and in particular the Set-GPRegistryValue cmdlet.
You can of course run a Powershell command from the legacy command line, e.g.,
powershell get-gpregistryvalue -Name gpo-name -Key HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU -ValueName AUOptions
As far as I know, there is no command-line solution for local group policy. For local group policy, see Glenn's answer.
30
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
