A blocking tool is available for organizations that have AU enabled on their servers to ensure prompt delivery of critical updates, but would like to temporarily disable delivery of the Windows Server 2003 SP2 automatic update through AU that is set to take place starting June 12, 2007.
The blocking tool will also prevent the Windows Server 2003 SP2 from being offered through Windows Update and Microsoft Update.
Please note that the mechanism to temporarily disable delivery of Windows Server 2003 SP2 will be available until March 13, 2008. At the end of this period, Windows Server 2003 R2 SP2 will be delivered to all Windows Server 2003 servers.
This toolkit contains three components:
- A Microsoft-signed executable
- A script
- An ADM template
1) The executable creates the registry key and sets the associated value on the server upon which it is run, to block or unblock (depending on the command-line option used) the delivery of Windows Server 2003 SP2 to that server, through AU or WU. The key used is HKLM\Software\Policies\Microsoft\Windows\WindowsUpdate
When the /B
command line option is used, the key value name ‘DoNotAllowSP’
is created and its value sets to ‘1’
. This value blocks delivery of Windows Server 2003 SP2 to the server through AU or WU.
When the /U
command line option is used, the previously created registry value that temporarily blocked the delivery of Windows Server 2003 SP2 to the server through AU or WU is removed. If the value does not exist on the server from which it is run, no action is taken.
2) The script does the same thing as the executable, but allows specification of the machine name upon which the action should be taken, so a remote system can be specified on which to block or unblock delivery of Windows Server 2003 SP2.
Note that the executable and script have been tested only as a command-line tool and not in conjunction with other systems management tools or remote execution mechanisms.
3) The ADM template allows administrators to import the new group policy settings to block or unblock delivery of Windows Server 2003 SP2 into their Group Policy environment, and use Group Policy to centrally execute the action across systems in their environment.
More information on this tool kit