On the suggestion of checking the Power Management settings by @joeqwerty I created a new Power Plan with the following settings:
- Display -> Turn off display after -> On battery (minutes): 0
- Display -> Turn off display after -> Plugged in (minutes): 0
I set this as the active power plan, and applied the GPO. After 25 minutes the machines are no longer automatically locking.
Here are the full steps for creating this:
- In Group Policy Management Editor, edit the target GPO
- Go to Computer Configuration\Preferences\Control Panel Settings\Power Options
- In the right pane, right click and select New -> Power Plan (At least Windows 7)
- In the Advanced settings tab, select the Create action
- Enter a new plan name (e.g. "Don't lock")
- Select Set as the active power plan
- Expand Display -> Turn off display after
- Change On battery (minutes) to 0
- Change Plugged in (minutes) to 0
- Click Apply, OK
- Apply the GPO to the target machine(s)
TL;DR:
Clear your C:\Windows\Temp directory and other Temp directories for good-measure - then it should install updates fine.
Explanation:
As this is an Azure VM, Microsoft's "Basic" support tier is available - granted it took 3 days to arrange a phone-call, but the support staff were able to find a workaround just today.
In the CBS.log file he spotted this line (trimmed and tidied-up by me):
2016-08-16 20:26:50, Error CSI 00000006@2016/8/16:20:26:50.808 (F) CMIADAPTER: Inner Error Message from AI HRESULT = 8004402f [Error,Facility=FACILITY_ITF,Code=16431 (0x402f)]
[
[210]"Parsing MOF file: C:\Windows\system32\wbem\NetTCPIP.mof
Error 80 in Function CMofLexer::CMofLexer line 614
C:\Windows\system32\wbem\NetTCPIP.mof (1): error SYNTAX 0X8004402f: Error creating temporary file"
]
[gle=0x80004005]
The important bit being this error:
Error creating temporary file
He instructed me to change the default environment-variables: TEMP and TMP in both System and User definitions to C:\TEMP and to ensure Everyone had Full Access to C:\TEMP.
After rebooting the clogged-up updates installed without any further issues.
After installing those updates fine I then deleted all of the files in the original C:\Windows\Temp directory (which took 5+ minutes, there were a lot of deeply nested files). I then reset the TMP and TEMP environment variables back to C:\Windows\Temp and rebooted.
Two new updates were then ready to install and installation completed without any problems.
So I think the problem was bad data in the Temp directory that prevented the updates from doing anything.
Update in Mid-2017: I had a similar incident on a Windows 10 laptop recently with the same error code. I immediately went to the C:\Windows\Temp directory and saw it had a lot files in it (about 16,000 files and folders), including deeply-nested folders too. After I deleted everything in the directory and rebooted I was able to install the updates again.
Best Answer
RC4 is not disabled by default in Server 2012 R2. It only has "the functionality to restrict the use of RC4" build in. You will have to set the required registry keys by your own:
https://social.technet.microsoft.com/Forums/en-US/faad7dd2-19d5-4ba0-bd3a-fc724d234d7b/how-to-diable-rc4-is-windows-2012-r2?forum=winservergen