Feature updates not working

Shaun Slater 61 Reputation points
2022-10-25T12:38:49.733+00:00

We are currently using Intune to push feature updates and trying to upgrade machines on older versions to the latest version we are currently pushing out (21H2).
We think we have configured Intune correctly and have policies set up in these places:

• Windows update rings for Windows 10 we set the feature update deferral period to 0 days as recommended by Microsoft.
• Feature updates we have devices assigned and rollout option is set to immediate start and the version we have selected is Windows 10, version 21H2.
• We have a OS upgrade to Windows 10 E configuration profile that applies MAK from LVSC to bring Windows 10 devices up to enterprise.
• We have expediated updates setup and configured correctly as well.

The number of 20H2 devices in our estate is decreasing so the rules do work but it is too slow. Is there a way to speed this up, many devices are still two versions behind and this is a problem from a security point of view which we would like solved.

Microsoft Intune Configuration
Microsoft Intune Configuration
Microsoft Intune: A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.Configuration: The process of arranging or setting up computer systems, hardware, or software.
1,945 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
5,321 questions
0 comments No comments
{count} votes

1 answer

Sort by: Most helpful
  1. Caleb-MSFT 11 Reputation points
    2022-10-26T07:26:53.677+00:00

    @Anonymous , Thanks for posting in our Q&A. From your description, I know you have deployed a profile which upgrade old windows version to Windows 10 21H2 and set the feature update deferral period to 0 days. The policy is worked, and some windows machines are updated . But the speed is slow, you want to know if there is a way to speed up the progress. If there is any misunderstanding, feel free to let us know.

    For those computers that are not updated, I suggest you check if the policy is applied on the computer in Intune portal, if the registry keys in the following location are changed on the device side:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Update.

    For more information, here is an article for reference:
    https://techcommunity.microsoft.com/t5/intune-customer-success/support-tip-troubleshooting-windows-10-update-ring-policies/ba-p/714046#:~:text=1%20Check%20the%20policy%20deployment%20status%20in%20the,4%20Check%20the%20MDM%20diagnostics%20report%20More%20

    In Intune, there’s another option 'Deadline for feature updates” which specific the number of days a user has before feature updates are installed on their devices automatically. We can try to set the minimum value as 2 days to see if it can help.

    In Fact, Windows Update Ring policies only define an update strategy, they don’t actually provide the update infrastructure itself. This means you need to use your existing update solution such as Windows Update or WSUS to obtain the actual updates. However, if the policy is applied but the devices are still not updated, you can open a new thread and add tag "windows10-general" to involve windows support to see if there’s any method to speed the update progress on windows update side.

    Hope the above information can help.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.