Forum Discussion
Intune Windows Update/Feature Update Ring applied but clients not updating
We recently moved some of our co-managed workloads from SCCM to Intune, not pilot, and for the most part our devices are happy with our Intune Windows 10 Update Ring settings. We have a profile created for Quality updates and are also using the Window 10 Feature Updates as a separate profile. What we're seeing on some devices is the profiles are being applied to the Windows 10 device but the device is not going out to WUfB to grab the required Quality or Feature update. I can see the settings have been applied by reviewing the MDMDiagReport and these settings are identical to a working device. In Intune I can see that the device does have the proper workloads as well. What is odd though, is on the device when I look at the configured update policies, it shows that no policies have been configured yet. There are no GPO or MECM client settings that are still configured that could be stomping on the Intune policy as I've ran an RSOP and have checked to make sure the client settings have been removed.
Has anyone else seen this? Any ideas what else to check?
Thanks very much everyone!
- Hi,
isnt that because the SCCM client is still installed on the devices and a configured windows update group/point?- Hi Rudy,
We do have SCCM client and Software Update client policy disabled for all our Windows update workload computers.
We still see the WUServer in our registry path and i do not know why.- Is the workload set to Intune or Intune pilot? If it is set to "intune pilot" any device(s) not part of the selected collection will not have the workload changed.
The SCCM client policy is supposed to change the regvalues as soon as the SCCM client policy has been set to not use SCCM as SUP.
- Yes, that is probably what is going on here. The co-mgmt capabilities should give us further insights on this issue. Usually this issue comes down to co-mgmt workloads.
Hello HenrikInAB!
I am sure we can solve this together, I have some questions to get us going 🙂
- From the printscreen it seems the faulty device does not have a Primary User, is this the case for the working devices as well?
- Are the MDM-policies deployed to User och Device objects?
- Are you able to find any differences in the MECM client policy deployed to working/faulty devices?
- Please see this article. We want to make sure that we do not have a WUserver value pointing towards a WSUS-server. Configure Clients in a Non–Active Directory Environment | Microsoft Docs
- Please see this article describing feature update(s) policy and Co-Management. How to create a feature update hold for co-managed Windows 10 devices - Intune | Microsoft Docs
Let me know if above helps, otherwise we will keep digging 🙂
Best regards
Nicklas Ahlberg
Feature updates for Windows 10 and later policies cannot be applied during the Autopilot out of box experience (OOBE).
so I don’t understand is autopilot in comanaged supported for feature updates or not
I am facing exact similar issue and found .
Do we have any working solution and fix .
Note :
I can see all the registry values from : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\current\device\Update
But when i goto Settings->Windows Update -> View Configured Update Policy -> still seeing "No policy have been configured Yet"
This is happening to only some computers (not all).
Hi,
this does probably come down to Co-Management workloads not being applied to the faulty devices yet.
Please try below to start the troubleshooting:
1. Open SCCM Agent from control panel or from cmd/Powershell by running: control smscfgrc2. Compare "Co-management capabilities" score on a faulty and a functional device... do both devices have same score?
//Nicklas
