I have no idea why you are having issues, the setting to allow non admins to install updates from wsus has been around for donkeys years.
The only ones that will trigger UAC are ones that have a licence agreement!
Always structure your WSUS to match the OU groups in AD, just goto ComputerConfig/Admin templates/Windows components/Windows Updates and select and enable Allow non admins to receieve notifcations (Which you have but make sure the GPO is structured in the workstation OU).
Quote from policy
Non-administrative users will be able to install all optional, recommended, and important content for which they received a notification. Users will not see a User Account Control window and do not need elevated permissions to install these updates, except in the case of updates that contain User Interface , End User License Agreement , or Windows Update setting changes.
Also make sure your domain functional level is set to 2008 as i have ound when installing print drivers with out UAC.
I seperate users and computers in my domain, this allows me to create a properly structured GPO's, i also have mu;tiple locatiosn each with their own WSUS servers so i have to create seperate WSUS policies depending on locations.
Never had an issue with WSUS or the GPO settings allwing non admins to install
I forgot to add, dont EVER add anything to the default domain policy unless its something like pointing to certificvate server etc. I cannot tell you how much of importance structured OU groups are when using GPO's
Edited by JohnnyJammer, 27 August 2014 - 07:21 PM.