Forum Discussion

johnsmith85's avatar
johnsmith85
Copper Contributor
Feb 24, 2022
Solved

Endpoint Manager Feature Updates not working

Hello, 

 

We used WSUS in the past and want now to migrate to WUfB and feature update profiles. The feature update policy shows "not scanned yet". All devices are hybrid joined. The WSUS GPOs are turned off.

 

Update ring settings for the pilot ring:

Update settings
Microsoft product updates
Allow
Windows drivers
Allow
Quality update deferral period (days)
0
Feature update deferral period (days)
0
Upgrade Windows 10 devices to Latest Windows 11 release
No
Set feature update uninstall period (2 - 60 days)
30
Servicing channel
Retail channel
User experience settings
Automatic update behavior
Auto install at maintenance time
Active hours start
8 AM
Active hours end
5 PM
Restart checks
Allow
Option to pause Windows updates
Enable
Option to check for Windows updates
Enable
Change notification update level
Use the default Windows Update notifications
Use deadline settings
Allow
Deadline for feature updates
2
Deadline for quality updates
2
Grace period
1
Auto reboot before deadline
Yes
 
Telemetry is set to optional and Control Policy Conflict  is set to MDM Wins Over GP. The
 
MDM Diag Report:
Intune
mobile device management (mdm)

6 Replies

  • TonyInc's avatar
    TonyInc
    Copper Contributor
    Oct 04, 2022
    Hi johnsmith85, Did you ever get a resolution. I am having the exact same issue. Everything is configured correctly, but 90% of devices never update in the reports beyond offering, regardless if they have actually updated yet. It has been a week and the reports don't update once the offer is made. Many of the devices did update, but no update in reports.
    • jbraakhuis's avatar
      jbraakhuis
      Copper Contributor
      Jul 28, 2023

      I also have a tenant with lots of "Not scanned"errors.  Nearly  all are related to Hybrid Join errors. In Microsoft Entra - Devices the join status on these devices is often "Pending" or there are duplicate entries - Hybrid Joinn and Azure AD Registered.  There are articles here on how to fix the join errors https://learn.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-current . Mostly need to use the dsregcmd /leave command , make sure the group policy for autoenrollment is switched on then reboot.  Sometimes I have to delete the device in Entra then rejoin to fix these issues. 
      Some errors also occur because the device has been switched off for a while

    • johnsmith85's avatar
      johnsmith85
      Copper Contributor
      Feb 24, 2022
      Hi Rudy_Ooms, I think everything is configured properly. We use Microsoft 365 Business Premium, could this be a licensing problem? I found this on the call4cloud.nl blog regarding quality updates:
      Make sure you are licensed to use it: Windows 10 Enterprise E3 or E5/Windows 10 Education A3 or A5/Windows 10 Virtual Desktop Access

Resources