Intune: How to prevent Windows 11 upgrade

Joey Vldn 26 Reputation points MVP
2021-10-06T16:29:51.033+00:00

Hi All,

What is the best way to prevent endpoints from upgrading to Windows 11? We now use the following settings:

Update rings for Windows 10 and later:

  • SAC
  • Feature deferral: 3 days
  • Quality deferral: 0 days

Feature updates for Windows 10 and later (Preview):

  • Feature update version: 21H1
  • Assigned to: All W10 Devices (dynamic group)

Will this prevent systems from upgrading to Windows 11?

Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
8,105 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,306 questions
0 comments
Accepted answer
  1. Crystal-MSFT 42,631 Reputation points Microsoft Vendor
    2021-10-07T02:03:13.347+00:00

    @Joey Vldn , Agree with the above answers, it will not automatically upgrade to Windows 11 unless an administrator explicitly configures a Target Version using the TargetReleaseVersion setting using a Windows CSP, a feature update profile in Intune, or the Select target Feature Update version setting in a group policy.
    138346-image.png
    https://learn.microsoft.com/en-us/windows/whats-new/windows-11-prepare#cloud-based-solutions

    From your configuration, the windows will stays at version 21H1

    Hope it can help.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    1 person found this answer helpful.
    0 comments

5 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Reza-Ameri 16,826 Reputation points
    2021-10-06T17:37:50.95+00:00

    As long as devices are enrolled to the Intune, they won't upgrade to Windows 11.
    You need to setup the deployment so the client would be able to upgrade to Windows 11.

  2. Nick Hogarth 3,436 Reputation points
    2021-10-06T22:09:10.773+00:00

    Unless you're creating a feature update policy to upgrade to Windows 11, they won't automatically upgrade. See https://techcommunity.microsoft.com/t5/microsoft-endpoint-manager-blog/endpoint-manager-simplifies-upgrades-to-windows-11/ba-p/2771886

    0 comments
  3. Limitless Technology 39,341 Reputation points
    2021-10-07T10:10:52.223+00:00

    Hi Joeyvldn,

    Thank you for your question.

    If you use Windows Update for Business to manage feature update deployments today, you'll need to leverage the target release policy instead of feature update deferrals to move from Windows 10 to Windows 11. Deferrals are great for quality updates or to a newer version of the same product (eg from Windows 10, version 20H2 to 21H1), but they cannot migrate a device between products (from Windows 10 to Windows 11).

    See more information at the link below:

    https://learn.microsoft.com/en-us/windows/whats-new/windows-11-plan#managed-devices

    ----------------------------------------------------------------------------------------------------------------------

    If the answer is helpful, please vote positively and accept as an answer.

    0 comments
  4. Sven Jansen 1 Reputation point
    2021-11-17T11:43:57.02+00:00

    I am not so sure if this is true, i see some systems in Windows Analytics popping up with update fails, it wants to update to Feature Upgrade Win11-21H2 but fails because of safeguard hold / compatibility. All my clients are set to update to Windows 10 21H1 (an all of them did it after i set it to around 3 Month ago).