Blog Post

Windows IT Pro Blog
5 MIN READ

Expanding IT value in Windows 11 Enterprise and Intune

Harjit_Dhaliwal's avatar
May 23, 2023

Today we announced new enhancements to Windows 11, many of which will start to be available tomorrow. For IT-managed devices, many of these innovations will begin rolling out with the July 2023 monthly security update for Windows 11, version 22H2, with early testing available through the June 2023 optional non-security preview release.

Here are three highlights from today's announcement that I think will be of most interest to you in the IT community:

  • Windows 365 Boot will be available in public preview tomorrow. With Windows 365 Boot, instead of logging into Windows 11 to access a Windows 365 Cloud PC, users with a PC running Windows 11, version 22H2 can boot directly into their Cloud PC. If you're testing or deploying Cloud PCs in your organization, I recommend evaluating this feature!
  • With Bluetooth® Low Energy Audio[1], Windows 11, version 22H2 brings you high-quality audio at low power for calls, videos, and music on compatible devices, including wireless earbuds.
  • Also included in the upcoming update for Windows 11, version 22H2 is glanceable VPN. It's a great addition into the Windows 11 experience where a user can quickly determine whether their VPN is connected by observing if the VPN badge on the networking icon in the System Tray is on or off.

In addition to continuous innovation for all Windows users, organizations can take advantage of ongoing improvements to Windows 11 Enterprise and the tools used to deploy, update, and manage it effectively. In addition to a single, predictable annual feature update that is supported for 36 months, Windows 11 Enterprise supports a set of cloud-based capabilities that you can adopt when you are ready.

Organizational messages generally available May 31st!

Organizational messages are a highly effective way to deliver a targeted, branded, and personalized call-to-action to a specific group of employees via native Windows 11 surfaces like the Notification Center, right above the taskbar, and within the Get started app.

  • When deploying Windows 11 Enterprise, you can use organizational messages to communicate with employees through the Get started app and help them find information or make suggestions on how to set up their new Windows 11 device.
  • IT admins can easily create and manage personalized messages using Microsoft Intune as well as track engagement and update messages at any time.

If you're looking for motivation to get started, customers that participated in the organizational messages preview observed an improved user experience when clear and actionable messages were received. In fact, on average, they saw a 4x higher click-through rate than traditional corporate IT emails.

Ready to get started? See today's post on Reach users effectively: organizational messages in Windows and bookmark our organizational messages documentation to learn more.

Windows feature updates in Windows Autopatch: now in preview

More deployment assistance is on the way. You can now delegate the rollout of Windows 11 feature updates to us using Windows Autopatch. You retain control over targeting, staggering the update in phases and pausing at any time. Additionally, using the new Autopatch groups capability, you can target updates to devices in specific geographies or lines of business, and create up to 15 deployment rings. By setting up Windows Autopatch to deploy your feature updates, you and your IT team save valuable time, enabling you to focus on other priorities. For more information on this and a slew of powerful new preview features, see What's new in Windows Autopatch.

Managing Windows driver and firmware updates in Intune

Maintaining a diverse set of devices and related drivers and firmware can be complex. That's why Microsoft has collaborated closely with many device manufacturers to provide you with certified and validated drivers, and the control and reporting you require.

Leveraging the cloud intelligence delivered by the Windows Update for Business deployment service, Intune will soon provide you with the ability to control the deployment of driver and firmware updates from Windows Update to eligible cloud-attached enterprise devices. This capability will be available to organizations with a minimum of Windows Enterprise E3 or equivalent.

For more information, see Coming soon to Microsoft Intune: Windows driver and firmware updates. We'll publish a step-by-step guide once we reach general availability.

Universal Print secure release with QR code on the Microsoft 365 mobile app

Universal Print simplifies IT management with enhanced security by moving your printing to the cloud, eliminating print-servers and the need to install and update printer-drivers.

Need to print private or confidential content? With Universal Print secure release for Android, you no longer need to rush to a shared printer as soon as you send a print job to ensure that no one sees your document. In addition, this capability can reduce the waste caused by someone accidentally picking up something printed by another person, or a document not picked up at all and discarded. Here's how it works:

  • The admin uses the Azure portal to configure the printers for which they want to enable secure release. They then print a QR code and affix that code to each printer.

    Screenshot of a QR code in the Job release options menu
  • The admin requests that employees in their organization install the Microsoft 365 app on their Android phones. (Tip: They could do this using organizational messages!)
  • The user downloads the most recent Microsoft 365 app for their Android phone, and signs into their account.
  • When the person who sent a document arrives at the printer and scans the printer's QR code with the Microsoft 365 app, they'll select the print jobs they want to release to this printer, and the document will be printed.

Visit our Universal Print service docs to learn more.

Get ahead of 2025 with Windows Enterprise!

We continue to see many organizations successfully adopt and benefit from Windows 11 Enterprise. In fact, organizations that have deployed Windows 11 Enterprise, such as Krones and L'Oréal, will confirm that most employees quickly grow accustomed to the modern Windows 11 user experience because the navigation is similar to, but simpler than, Windows 10. If you need a little help with communicating with your employees before and after the update to Windows 11, download the Windows 11 onboarding kit for helpful tools and templates. And, to learn more about the features and benefits of Windows Enterprise subscription, head over to the Windows Commercial Licensing overview.

Keep your momentum going with AMAs on the Tech Community!

In addition to our monthly Windows Office Hours and Windows 365 Ask Microsoft Anything (AMA) events, we are hosting a four-hour block of AMAs next Wednesday, May 31st as part of a special Windows edition of Tech Community Live. Visit https://aka.ms/TCL/Windows to learn more, add the sessions to your calendar, and log in to post your questions!


Continue the conversation. Find best practices. Bookmark the Windows Tech Community and follow us @MSWindowsITPro on Twitter. Looking for support? Visit Windows on Microsoft Q&A.


[1] Available in the May 2023 optional non-security preview release (this feature is hardware dependent).

Updated May 26, 2023
Version 3.0
  • " For IT-managed devices, many of these innovations will begin rolling out with the July 2023 monthly security update for Windows 11, version 22H2, with early testing available through the June 2023 optional non-security preview release."  I thought that for all of these "moment" features that they would not be offered to IT managed devices unless you enabled "Enable features introduced via servicing that are off by default" --- see https://oofhours.com/2023/03/02/want-to-block-windows-11-moments-that-add-new-features/

  • wroot's avatar
    wroot
    Silver Contributor

    I thought so also, Susan, but as last time most features reached our devices and we don't have this GPO set i have asked in the recent blog post and they said this setting is only for disruptive features and i guess they do not deem any feature as such yet or who knows when and which will be categorized as such.

  • wroot's avatar
    wroot
    Silver Contributor

    Aha "Features that may be disruptive to organizations will be off by default for all Windows update managed devices until the device enables the policy."

    But so far there were no clear information what features will be disruptive in MS view. And what if we want to delay tabs in Notepad or search in Task manager until our documentation is up to date? As far as i know only the new search functionality was deemed this way and it still had its own GPO to control.

  • wroot's avatar
    wroot
    Silver Contributor

    Thanks! Will bookmark for sure. So far just one feature. This makes deploying say 23H2 a bit awkward this year as it is almost just a version bump. Which is still useful as support date extends, but is not that much a feature update anymore. Unless you are going to put more under control for summer Moment update.