Endpoint Manager Feature Updates not working

johnsmith85 · ‎Feb 24 2022

Hello,

We used WSUS in the past and want now to migrate to WUfB and feature update profiles. The feature update policy shows "not scanned yet". All devices are hybrid joined. The WSUS GPOs are turned off.

Update ring settings for the pilot ring:

Update settings

Microsoft product updates

Allow

Windows drivers

Allow

Quality update deferral period (days)

0

Feature update deferral period (days)

0

Upgrade Windows 10 devices to Latest Windows 11 release

No

Set feature update uninstall period (2 - 60 days)

30

Servicing channel

Retail channel

User experience settings

Automatic update behavior

Auto install at maintenance time

Active hours start

8 AM

Active hours end

5 PM

Restart checks

Allow

Option to pause Windows updates

Enable

Option to check for Windows updates

Enable

Change notification update level

Use the default Windows Update notifications

Use deadline settings

Allow

Deadline for feature updates

2

Deadline for quality updates

2

Grace period

1

Auto reboot before deadline

Yes

Telemetry is set to optional and Control Policy Conflict is set to MDM Wins Over GP. The

MDM Diag Report:

johnsmith85 · ‎Feb 24 2022

Hi,
Just the first thing that pops up in my mind...

https://docs.microsoft.com/en-us/mem/intune/configuration/windows-health-monitoring?id=5004252

just like i explained in this blog

Intune deploy Quality Updates | Troubleshoot installation (call4cloud.nl)

And did you happen to have read this blog

Co-Management of Windows Updates Workloads - Microsoft Tech Community

johnsmith85 · ‎Feb 24 2022

Hi Rudy_Ooms, I think everything is configured properly. We use Microsoft 365 Business Premium, could this be a licensing problem? I found this on the call4cloud.nl blog regarding quality updates:
Make sure you are licensed to use it: Windows 10 Enterprise E3 or E5/Windows 10 Education A3 or A5/Windows 10 Virtual Desktop Access

Rudy_Ooms_MVP · ‎Feb 24 2022

Feature updates should work with business premium as stated here
https://docs.microsoft.com/en-us/mem/intune/protect/windows-10-feature-updates?id=5004252

Did you happen to deploy a windows health monitoring report configuration profile?

johnsmith85 · ‎Feb 24 2022

@Rudy_Ooms_MVP Yes, windows health monitoring is configured. The feature update profile shows still "no scanned yet".

TonyInc · ‎Oct 04 2022

Hi johnsmith85, Did you ever get a resolution. I am having the exact same issue. Everything is configured correctly, but 90% of devices never update in the reports beyond offering, regardless if they have actually updated yet. It has been a week and the reports don't update once the offer is made. Many of the devices did update, but no update in reports.

jbraakhuis · ‎Jul 28 2023

I also have a tenant with lots of "Not scanned"errors. Nearly all are related to Hybrid Join errors. In Microsoft Entra - Devices the join status on these devices is often "Pending" or there are duplicate entries - Hybrid Joinn and Azure AD Registered. There are articles here on how to fix the join errors https://learn.microsoft.com/en-us/azure/active-directory/devices/troubleshoot-hybrid-join-windows-cu... . Mostly need to use the dsregcmd /leave command , make sure the group policy for autoenrollment is switched on then reboot. Sometimes I have to delete the device in Entra then rejoin to fix these issues.
Some errors also occur because the device has been switched off for a while

Endpoint Manager Feature Updates not working

Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Re: Endpoint Manager Feature Updates not working

Products (51)

Special Topics (28)

Video Hub (447)

Most Active Hubs

Most Active Hubs

Video Hub

Endpoint Manager Feature Updates not working