I'm using Microsoft 365 Apps for Business on about 25 RDS session hosts, and I've noticed that after successfully installing the latest build (19725) via the Office Deployment Tool (ODT), the installations keep reverting to older builds like 19029, 19328, 19426, or 19530 within hours. Some machines manage to stay on 19725, but disabling all update features only delays the downgrade, often leading to it 'healing' itself back to an older version after a day. After many attempts to resolve this by pinning the version or removing certain update mechanisms, it seems like this behavior is intended by Microsoft. The logs indicate that although I'm trying to maintain a newer version, the system defaults to older builds. Regular PC endpoints are unaffected and hold the latest version fine. From what I've read, using Shared Computer Licensing on RDS may lead to a more relaxed rule set regarding which updates get accepted. Defender is flagging the older Office versions, so I'm considering opening a Microsoft support ticket. Has anyone faced this issue, and is getting a ticket the right move?
2 Answers
You should check the registry under ComputerHKEY_LOCAL_MACHINESOFTWAREMicrosoftOfficeClickToRunConfiguration. Make sure all the settings there are accurate. Sometimes, even if it looks right, when the Click-to-Run service talks to the CDN, it may revert the target version back to an older build. If you're able to keep the C2R from connecting to the internet, then it should maintain the version installed via ODT.
RDS with Shared Computer Licensing often has strict controls when it comes to updates. The fact that your regular PCs are fine suggests that Microsoft may have throttled certain builds for RDS environments. I recommend trying to specifically switch one of your hosts to the Monthly Enterprise Channel using the CDNBaseUrl in the registry. If Defender is raising alarms, definitely contact Microsoft—they should clarify why the SCL setup is forcing you to use outdated versions.
Related Questions
Can't Load PhpMyadmin On After Server Update
Redirect www to non-www in Apache Conf
How To Check If Your SSL Cert Is SHA 1
Windows TrackPad Gestures