Microsoft tells IT admins to turn off legacy group policies to improve Windows performance
Though the recommendations are supposed to simplify the management of environments, admins say they are being given conflicting advice from the company
Microsoft has published a list of 25 group policies in Windows 10 and Windows 11 that admins should disable in order to improve overall software performance.
The article, posted to the Windows IT Pro Blog, has been met with anger among the admin crowd as most of the policies are related to effective update management - a sore topic of late given Microsoft's bungling of recent Windows patches.
Author of the blog post, Aria Carley, senior program manager at Microsoft, said the legacy group policies are a result of numerous changes to Windows over the years and, since Windows 10 version 1511 was released in 2015, the way notifications, update behaviours, installations, and restarts have all changed considerably.
"We have also worked to evolve and simplify the controls needed to support these improved experiences, and identify which older policies have become irrelevant or replaced with a better option," said Carley. "As a result, the Windows update policy set contains policies that no longer have any impact; that don’t work as described on devices running Windows 10, version 20H2 or later; or that work but not as well as the policies that were added to accomplish a similar experience in a much better way."
Though the cleanup of legacy policies was designed to simplify things for Windows admins, the community has expressed concern that it may do the opposite, according to complaints posted to Reddit.
Work from anywhere: Empowering the future of work
Employees want to work from anywhere, IT needs to be able to support this shiftFree download
Complaints largely revolve around the 'instability' of Windows following update releases, the increasing complexities involved with managing Windows environments in businesses, and applying updates easily.
"Oh great and most [policies] are patching related," one user wrote. "As if controlling patches for Windows 10 wasn't enough of a pain in the ass already..."
One user also drew attention to the conflicting information provided by Microsoft on the matter. The 25 group policies that Microsoft recommends should be disabled are thought to conflict with the settings in Microsoft's own Windows Update Baseline Toolkit.
"I checked, and frustratingly, many of the recommended settings from Aria's article conflict with the settings from Microsoft's own Windows Update Baseline Toolkit," one user wrote.
According to Microsoft, this toolkit provides a set of tools that allow admins to download, test, edit, and store Microsoft-recommended policy configurations for optimal deployment and device management.
Microsoft has made it especially easy for Windows 11 admins to check which policies should be disabled by adding a sub-folder in the 'Windows Update' directory named 'Legacy Policies', which should only contain the group policies that need to be switched off.
Microsoft said applying the recommendations will lead to better control of Windows environments and admins will encounter fewer unexpected behaviours. "At the end of the day, it is best to leverage the default experience," said Carley. "Not only do defaults provide the best experience, they are also the most effective at keeping devices up to date."
ZTNA vs on-premises VPN
How ZTNA wins the network security gameFree Download
The global use of collaboration solutions in hybrid working environments
How companies manage security risksFree Download
How to build a cyber-resilient business ready to innovate and thrive
Outperform your peers in your successful business outcomesFree Download
Accelerating your IT transformation
How Cloudflare is innovating for CIOs to start 2023Watch now