Share via

Deploying Windows 11 with Intune

Nick Bodane 11 Reputation points
2022-03-07T23:46:06.27+00:00

Hey everyone,
I seem to be struggling with deploying Windows 11 with Intune.
I have created a Feature Update policy and Update ring that is dedicated for Windows 11 devices. Both update policies have the assigned test device group. The test device group has been excluded from our normal update ring. The deadline days are low on purpose to expedite wait times.

Windows 11 is not automatically downloading and installing on these devices. They have been left on and plugged in overnight but nothing has happened. The only thing I noticed was that the Windows 11 banner appeared on the windows update page with a button to download and install. From endpoint manager, the report shows that the feature update was offered (and is pending) and the ring deployment was successful, but the wait time exceeds the deadline/grace period.

I've read through a lot of docs and forums, but I still can't get it right. Am I missing something, or do I need to be more patient? Any help is much appreciated.

I've included both the feature update and update ring policy:
180841-win11-1.png

180842-win11-2.png

Windows for business Windows Client for IT Pros User experience Other
Microsoft Security Intune Other
0 comments

3 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Limitless Technology 44,751 Reputation points
    2022-03-14T16:03:09.23+00:00

    Hi @Nick Bodane

    To resolve your concern with upgrade to Windows 11 using Intune via feature update deployment requires the following prerequisites.

    First, your organization must have one of the following subscriptions for deploying feature update in Intune

    Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
    Windows 10/11 Education A3 or A5 (included in Microsoft 365 A3 or A5)
    Windows 10/11 Virtual Desktop Access (VDA) per user
    Microsoft 365 Business Premium

    Second, the device in Intune should be running a supported version of Windows 10. The device must be enrolled in Intune MDM and be Hybrid AD joined or Azure AD joined.

    Third, And most important of all,the device should meet the Windows 11 minimum requirements to upgrade to Windows 11 in Intune.

    When the requirements are all met do the do the following steps.

    1. Sign in to the Microsoft Endpoint Admin center (Intune Portal).
    2. In the portal, go to Devices > Features Updates for Windows 10 and later.
    3. Click Create Profile and define the required Windows 11 upgrade settings in the policy.
    4. On the Deployment Settings tab, enter the name of the policy as Upgrade to Windows 11 using Feature update deployment or something similar. You can add a description about what this policy does.
      Under Feature Deployment settings, select Windows 11 as feature update to deploy. You must click the drop-down and select Windows 11.
      On the Assignments tab, add the AAD groups to which you want to target the Windows 11 upgrade policy.Click the +Add Groups button and select the group.
    5. I would recommend adding Test groups or Pilot groups in Intune first and perform a Windows 11 upgrade test. If everything goes well, you can plan to upgrade the remaining devices to Windows 11 in phases.
    6. Click Next.
    7. Finally, on the Review + Create tab, click Create.

    You should see two notifications related to feature update deployment.

    a. Windows feature update deployment successfully created.
    b. Windows feature update deployment successfully assigned.

    Under Feature Updates for Windows 10 and later, you can see the new profile that we created for Windows 11 upgrade.

    The Windows 11 upgrade is complete. You must restart the computer to install the latest Windows feature update. Click Restart Now.

    This completes the steps to upgrade to Windows 11 using Intune.

    --
    If the reply was helpful,please don’t forget to upvote or accept as answer, thank you.

    6 people found this answer helpful.
  2. Reza-Ameri 17,336 Reputation points Volunteer Moderator
    2022-03-14T16:37:13.487+00:00

    There is possibility that they have Safeguard hold meaning due to compatibility issue the update is pending and once issue has been fixed, then it will be deployed . Take a look at:
    https://learn.microsoft.com/en-us/windows/deployment/update/update-compliance-feature-update-status#safeguard-holds

    2 people found this answer helpful.
    0 comments
  3. kennedy kolute 1 Reputation point
    2022-06-27T08:23:46.51+00:00

    I concur with Reza.

    I had the same issue, apparently opting out of safeguard hold resolves the pending update on Intune. For machines with pending compatibility issues the error reflects on the device and the machine after the update proceeds.

    215305-image.png

    215246-image.png

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.