Intune WUfB Feature Update Policy To Upgrade Windows 10 21H1

Let’s learn Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager. In this post, you will see how to upgrade to Windows 10 21H1 with the Intune WUfB Feature Update policy.

The Intune Windows Update for Business (WUfB) Feature Update Policy enables IT administrators to keep Windows 10 devices updated with the latest security defences and Windows features by directly connecting these systems to the Windows Update service.

WUfB lets you control update offerings and experiences, allowing for reliability and performance testing on several devices before deploying updates across the organization.

Microsoft’s Software Update Patching process helps Intune admins configure Windows Update for Business (WUfB) policies for efficient patch management. This involves using Intune and WUfB.

Video Tutorial – Intune Policy & Patching Configuration for Windows Update for Business

Explore the Video Guide From HTMD, Free Intune Training, Intune Policy & Patching Configuration for Windows Update for Business, and more!

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Video 1

Types of Intune Policy to Manage Windows Updates

Intune provides the following policy types to manage updates, which you assign to groups of devices:

Windows 10 update ring: This policy is a collection of settings configured when Windows 10 updates are installed. Update ring policies are supported for devices that run Windows 10 version 1607 or later.

Windows 10 feature updates (public preview): This policy updates the device to the Windows version you specify and then freezes the feature set version on those devices. This version freezes until you update them to a later Windows version. While the feature version remains static, devices can continue to install quality and security updates available for their feature version. Feature update policies are supported for devices that run Windows 10 version 1709 or later.

Prerequisites for Windows 10 Feature Updates Policy

The device must be running Windows 10 version 1709 or later.
The device must be enrolled in Intune and joined by Hybrid AD or Azure AD.
The device must have telemetry turned on, with a minimum basic setting.
Feature updates are supported for the following Windows 10 editions –
- Windows 10 Pro
- Windows 10 Enterprise
- Windows 10 Pro Education
- Windows 10 Education

According to Microsoft, Intune supports Windows 10 Enterprise LTSC 2019 and later, including features such as Windows Autopilot. However, Windows 10 Update Rings Device profiles do not support LTSC releases. Therefore, you should use a Policy configuration service provider, WSUS, or Configuration Manager for patching.

Limitations

When you deploy a Windows 10 feature updates policy to a device that also receives a Windows 10 update ring policy, review the update ring for the following configurations –

The Feature update deferral period (days) must be set to 0.
Feature updates for the update ring must be running. They must not be paused.
Configures the Windows update setting the following Windows 10 Servicing channels –
- Semi-Annual Channel

Note – Beginning with Windows version 1903, the use of the Semi-Annual Channel (Targeted) (SAC-T) is retired. With this change, SAC-T merges with the Semi-Annual Channel.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.1 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.1

Windows 10 feature updates policies cannot be applied during the Autopilot out-of-the-box experience (OOBE). Instead, the policies apply at the first Windows Update scan after a device has finished provisioning, typically a day.

Create and Assign Windows 10 Feature Updates Policy

Sign in to the Microsoft Endpoint Manager admin center.
Select Devices > Windows > Windows 10 Feature updates > Create profile.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.2 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.2

Specify a name and a description (optional), and for Feature, update to deploy. Then, select the version of Windows with the feature set you want from the drop-down list and select Next.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.3 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.3

Under Assignments, choose + Select groups to include and assign the feature updates deployment to one or more device groups. Select Next to continue.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.4 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.4

Review the selected groups and Click Next.

Important—Make sure you’re selecting the correct assigned device group. To validate members, navigate to Groups > All Groups (Search groups) > Select Group > Members.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.5 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.5

Review the settings under Review + Create. When ready to save the Windows 10 feature updates policy, select Create.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.6 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.6

A notification will appear automatically in the top right-hand corner with the message Windows feature update deployment successfully created and assigned. The created policy will appear here, as shown below.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.7 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.7

End-User Experience Windows 10 Version 21H1

In the Windows 10 device, under Windows Update, you can see the policy is applied, and Windows 10 has downloaded the update, is ready to install, and is waiting to restart the computer to finish up.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager - Fig.8 — Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager – Fig.8

Reporting

Once the policy is assigned to the device, it will check in and install the Windows 10 21H1 feature update as per the configured policy. You can verify Devices > Windows > Windows 10 feature updates > Select Feature Updates Policy > End-user update status.

Let’s check the Windows 10 feature update Intune report from Intune Portal (Endpoint Manager portal) – Windows 10 Feature Update Intune Report | Endpoint Manager

Troubleshooting

Intune Windows 10 Feature Update Troubleshooting with registry Entries – WUfB Registry Entry – Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\WindowsUpdate\UpdatePolicy\PolicyState

WUfB Event Log 1 – Policy – Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider/Admin
WUfB Event Log 2 – WUA – Microsoft-Windows-WindowsUpdateClient/Operation

Intune Troubleshooting Windows Update for Business WUfB

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager -Video 1

Resources

Windows 10 feature updates policy in Intune
Free Intune Training for Device Management Admins

Author

Jitesh Kumar has over five years of experience in the IT Industry. He writes and shares his experiences related to Microsoft device management technologies and IT Infrastructure management. His primary focus area is the Windows 10 Deployment solution with Configuration Manager, Microsoft Deployment Toolkit (MDT), and Microsoft Intune.

1 thought on “Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager”

srinivas

August 28, 2024 at 5:32 pm

@jitesh kumar
can we patchfeature,quality updates to byod windows devices using intune.

Intune WUfB Feature Update Policy to Upgrade Windows 10 21H1 | Endpoint Manager

Sign up to get the best of How To Manage Devices straight to your inbox!

Table of Contents