GPO: Block Dual Scan

May 26, 2018 less than 1 minute read

Description:

So many admins seem to be confused on how to block “Dual Scan Mode” in their environment. These settings stop WSUS clients from reaching out to the internet to get updates if the WSUS server doesn’t push them. These seem to be the settings you need to set to disable Dual Scan Mode.

To Resolve:

Set the following:
- Computer Configuration\Policies\Administrative Templates\Windows Components\Windows Update = all settings to Not Enabled except “Do not connect to any Windows Update Internet locations” to Enabled
- Administrative Templates\System\Internet Communication Management\Internet Communication\ = Turn off access to all windows update features to Enabled

Reference:

“Demystifying Dual Scan”

Twitter Facebook LinkedIn

GPO: Block Dual Scan

Description:

To Resolve:

Reference:

Comments

You May Also Enjoy

Update To Building Jekyll Locally

Create PayAsYouGo Azure Subs Using Terrform

Vscode Az Module Register Issue

Github Actions: Using AKV To Get Secrets