Forum Discussion
Is there a way to update users computers via intune?
Is there a way to set up a policy via intune or Active Directory that automates Windows updates for all our end user computers?
- That's a great question! While we recommend you maintain the default settings, the one setting we do recommend you set it deadline. Configuring deadline will enforce users to have to take the update within X number of days you specify. If a user pauses the update, the deadline counter will start once the the pause has ended so that the user has to take the update after pause. End users will be offered a chance to update through a walkthrough before the device is forced to update and reboot. You can check out more details about setting a compliance deadline and the end user experience here: https://docs.microsoft.com/en-us/windows/deployment/update/wufb-compliancedeadlines
7 Replies
- Kay_Toma
Microsoft
Hi BBI-Kyle , Within Intune you can create Win10 device update rings. Within the update ring there are policy settings regarding the update process. We recommend you do not change any of the default settings. As you create the update ring you can add a device group of the group of devices you want to get updated by Windows Update. Check out the below for a walkthrough!
Configure Windows 10 update rings policy in Intune - Azure | Microsoft Docs
Kay_Toma Will this work on computers that are not currently connected to our Domain Network?
For example,
John Doe brings his computer home and we sent out a trigger to update computers that are part of the update ring. Will his computer be updated? Also, will the end-users have the ability to cancel or delay the updates triggered by update ring?- Kay_TomaAs long as the devices are enrolled in Intune and Azure AD Joined, the devices will be able to take the updates from home even when not connected to your domain network. In your example, assuming John Doe's computer is enrolled in Intune (and hence Azure AD Joined), his device will be updated.
End users have the ability to pause an update for up to 35 days which they can set by going into Windows Update settings.
- AriaUpdatedYes. You can definitely configure policy such that devices are automatically updated. Further, that is also the default behavior as well..
