SCCM Managed Clients get updates from Microsoft after Windows 11 Upgrade

Roger Hendrikse 246 Reputation points
2021-11-24T08:44:43.53+00:00

I am using SCCM 2107 with ADK for Windows 10 v2004, and MDT 8456. Devices are configured to get Software Updates for Office and Windows 10 via SCCM Software Update Point, and this has been working perfectly. I have also updated the Software Update Point and ADRs to download and deploy OS updates for Windows 11

I've recently started testing the upgrade of Windows 10 devices to Windows 11, by deploying the Windows 11 Upgrade as a software update. The upgrade has gone through smoothly and SCCM client seems to be working properly with Windows 11. Once issue I am noticing however, is that the Windows 11 devices seem to be getting updates directly from Microsoft on Patch Tuesday, and not from SCCM on their scheduled date. We have a 3 phase rollout of updates, on days 1, 3 and 10 AFTER Patch Tuesday, and the Windows 11 machines are in the phases that receive patches on day 3 and day 10 after Patch Tuesday.

In addition, the post update reboot notification after an update is installed on these machines is the standard Windows 11 notification, and not the one configured in SCCM (I have configured SCCM to force a reboot after updates after 24 hours, with a reminder every 30 minutes)

Any idea as to why these Windows 11 machines are getting their updates from Microsoft directly and not from SCCM, even though before being upgraded to Windows 11 they were getting updates from SCCM ?

Other than configuring the Software Update Point and ADRs, do I need to configure anything else differently in SCCM to support Windows 11 updates ?

Microsoft Configuration Manager
0 comments No comments
{count} votes

6 answers

Sort by: Most helpful
  1. Roger Hendrikse 246 Reputation points
    2021-11-25T08:09:55.65+00:00

    Thanks for your reply and the troubleshooting information. I've upgraded about 10 machines so far, and on my 2 machines, it seems to be exhibiting this behaviour. I will check the windowsupdate.log files as you suggested on my machines and ask my colleagues to get the log file from their machine too

    1 person found this answer helpful.

  2. Roger Hendrikse 246 Reputation points
    2021-11-29T08:09:49.617+00:00

    The issue I seem to have is that the WindowsUpdate log only goes back a few days, so it's not showing any updates that were done just after patch tuesday. I'll have to wait for December patch cycle to generate new log files and go through them again

    1 person found this answer helpful.

  3. Rita Hu -MSFT 9,566 Reputation points
    2021-11-25T07:11:04.387+00:00

    @Roger Hendrikse
    Thanks for your posting on Q&A.

    Please help to confirm whether the issue occurred on all the Windows 11 clients or just one client.

    We have a 3 phase rollout of updates, on days 1, 3 and 10 AFTER Patch Tuesday, and the Windows 11 machines are in the phases that receive patches on day 3 and day 10 after Patch Tuesday.
    To avoid misunderstanding, the three phases are all applied into the same device collection. Am I right? Would you mind describe the phased deployment in detail?

    In addition, we could review the windowsupdate.log to confirm where the updates from. We could open PowerShell as an administrator and print get-windowsupdatelog to get the log files. Note that the log file will be placed into the Desktop.

    Service ID will indicate where the updates come from. Here is a screenshot for your reference:
    152486-4.png

    152551-2.png

    Hope the above will be helpful.

    Regards,
    Rita


    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  4. Roger Hendrikse 246 Reputation points
    2021-11-25T09:42:34.427+00:00

    While I wait for the log files and look through them, I'll explain the phased approach we have for updates

    We have 3 phases of updates, phase 0, phase 1 and Phase 2. The phases are deployed to different collections. Phase 0 is deployed to make updates available to phase 0 devices 3 hours after the ADRs run on Patch Tuesday. Phase 1 is scheduled to make updates available to Phase 1 devices on "day 3" (3 days after patch tuesday), which is first Friday after Patch Tuesday. Phase 2 is scheduled to make updates available on day 10 (second Friday after Patch Tuesday)

    0 comments No comments

  5. Roger Hendrikse 246 Reputation points
    2021-11-25T14:42:46.79+00:00

    So looking at some logs I got back I am seeing the following sources being contacted for updates, with what I can tell are varying levels of success (seeing a lot of failure error messages, most of which I can really understand)

    Windows 11 machines

    Machine name ox205902PAWS (my machine) (records from 17/11/2021 to today)
    Windows Store
    Windows Update
    Config Manager
    OS Flighting

    Machine name ox205902VM (also my machine) (records from 19/11/2021 to today)
    Windows Store {855E8A7C-ECB4-4CA3-B045-1DFA50104289}
    Windows Update {9482F4B4-E343-43B6-B170-9A65BC822C77}
    Config Manager {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
    OS Flighting {8B24B027-1DEE-BABB-9A95-3517DFB9C552}

    Machine Name OX204329VM (Records for today and yesterday)
    Config Manager {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
    Windows Store {855E8A7C-ECB4-4CA3-B045-1DFA50104289}
    OS Flighting {8B24B027-1DEE-BABB-9A95-3517DFB9C552}

    Machine Name OX206496 (records from 19/11/2021 to today)
    Windows Store {855E8A7C-ECB4-4CA3-B045-1DFA50104289}
    Windows Update {9482F4B4-E343-43B6-B170-9A65BC822C77}
    Config Manager {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}
    OS Flighting {8B24B027-1DEE-BABB-9A95-3517DFB9C552}

    I also checked a Windows 10 machine and this shows the following sources being contacted

    OX200038VM03 (Windows 10 - records from23/11/2021 to today)
    Windows Store {855E8A7C-ECB4-4CA3-B045-1DFA50104289}
    Windows Update {9482F4B4-E343-43B6-B170-9A65BC822C77}
    Config Manager {3DA21691-E39D-4DA6-8A4B-B43877BCB1B7}

    I'm struggling to make sense of what failures to ignore as 'noise' and what is actually constituting a possible issue. Also the errors seen on the Windows 11 machines seem to be different (and more numerous) than those on the windows 10 machine

    I'm going to try and find out from the logs what source was used for specific updates by comparing Update History on the machine to the log files