Blog Post

Intune Customer Success
1 MIN READ

Known Issue: Remediation message doesn't list all valid builds in Company Portal for Windows 10/11

Intune_Support_Team's avatar
Sep 09, 2022

There’s a known issue with the noncompliance messaging details that appear in Company Portal for Windows 10/11 devices. When a device is identified as noncompliant due to having a Windows build outside the ranges an admin specifies in the Intune compliance policy, a remediation message is displayed in the Company Portal indicating the operating system (OS) needs updating along with a valid range of OS versions. However, when multiple OS ranges are specified in the policy by configuring the Valid operating system builds compliance setting, the message in the Company Portal will only display the first OS build range rather than all acceptable ranges.

 

The compliance policy is being enforced correctly despite the missing ranges in the remediation messaging. To make the device compliant, update the device OS build to a version within the specified acceptable range in the compliance policy.

 

Here’s an example of the scenario, the compliance policy below has two ranges within the Valid operating system builds setting 10.0.19044.1288 - 10.0.19044.1949 and 10.0.22000.438 - 10.0.22000.918.

 

Screenshot of a new Windows 10/11 compliance policy with a few settings configured from this blog post.

 

If a device’s OS falls outside of those ranges, they’ll correctly receive a remediation message in the Company Portal, but the message will only display the first range: 10.0.19044.1288 - 10.0.19044.1949.

 

Screenshot of a managed Windows 11 PC and its current compliance settings under the Intune Company Portal.

 

If you have any questions or comments for the Intune team, reply to this post or reach out to @IntuneSuppTeam on Twitter.

Updated Dec 19, 2023
Version 6.0
  • Amarjeet5's avatar
    Amarjeet5
    Iron Contributor

    Hello,

     

    The screenshot in the blog contradicts the recommendation from the linked document.

     

    "Minimum and maximum OS versions might be suitable if you have standardized on a single Windows 10 release, but might not address your requirements if you need to use multiple builds, each with specific patch levels. In such a case, consider leveraging valid operating system builds instead, which allows multiple builds to be specified as per the following example"

     

    Are you utilizing both Minimum OS and Maximum OS and valid OS builds?

     

    I am seeing this issue on devices with valid build ranges.