[edit] just remembered why I keep on doing it despite your valiant efforts to discourage me and probably why MS recommended it in the past as a valuable troubleshooting step: If those catroot2 databases get corrupted, CryptSvc cannot start and then WU is KO. And there's a higher than 0 chance of corruption when brute-forcing services off while WU is in limbo, or user restarts the PC for example. Sure, it got better with delayed transactions instead of direct writes in modern versions, but 1809 and older are still garbage (specially 1703 - I use it a lot since it's the most broken 10 version haHA). So why take a chance? I'd say it's the responsible thing to do with not much if any downsides (unless you know of such scenario). CryptSvc will just read CatRoot again into those catroot2 databases.
You know what I mean. CryptSvc no longer spams this every second: So technically it is CryptSvc that does it (initialization) and then some other WU service populating it.
Fun story: i was playing with Windows 11 upgrade (+ _Skip_TPM_Check_on_Dynamic_Update_v7) and i got hard block because it detected WSUSSetup.exe file on my storage partition, saying i have to uninstall WSUS first
Yes! /Product Server is not a carte-blanche - but it's the most successful overall for Dev update via WU atm. I've encountered some other quirks with registry keys on hybrid os. I personally hate that I have to hijack setuphost. If windowsupdatebox was not sandboxed I could have played around with options and generate the compatibility report on server, but run setup normally.
I actually ment the level of intelligence to block upgrade merely based on a file name, not detecting if WSUS is really installed
Well that has always been the case. Global names that can be on any path. Hard-coded installer detection. SDBs. IFEO. So.. low expectations
Is it recommended to use Mediacreationtool.bat all the time? And I just read the text file and compared the contents against the description at the start of this thread. One thing I've noticed is that the readme.md file accompanied with the bundle mentions that the .bat file allows the creation of a local account, one option that was excluded in the release of Windows11, but the original post in this thread does not mention that. Did the updated version of the media creation tool exclude that option as well? Apologies for asking those questions, but I need to know. EDIT: And another thing: do I need Windows 10 to operate the Mediacreationtool? When downloading 11, I tried using Windows Powershell 3.0; I also tried to enable BITS Server, but it's already enabled, and I tried to enable Powershell scripts, but there aren't any. All attempts have failed when using Windows 7 x64.
I’m trying to set a persistent registry entry for Bypass TPM, SecureBootCheck and RAM check within a Windows 11 AIO that I have made myself from the Microsoft Official ISO.s. I’m aware to the registry hack but would like to have the LabConfig changes to always be there. Is this possible and if so how? thanks
When I run Rufus it only gives me the option of Standard Windows 11 installation. Trying to fun this on the Consumer and Business Client download.
Not even a "thank you?" Just kidding. Sorry to hear that it doesn't solve the problem. Apologies. I'll try something else.