Windows 10 Feature Update while device moves from ConfigMgr to intune

Brass Contributor

I have a Cloud Sync Collection that i use to sync devices from a on-prem WSUS solution to using Intune Update Rings. This very same Cloud Sync collection is also targeted for Feature Update lock to v1909.

 

What i see now is that in the process of moving a device from on-prem Wsus to Intune Update Ring, there is a delay before these settings from Intune come into effect, and during that time, WU take it up itself to push V2004 for the device.

 

I can think of a few ways to possible delay/stop this from happening, but what is the best option to do it? use a GPO/ConfigMgr, seperate cloud sync collections, AAD device groups etc??

2 Replies

@Thomas Førde Dune here from the MEM team- unfortunately we are aware of this issue. Right now moving the co-management workload paired with the Feature Updates (preview) can cause a race condition where devices reveive unexpected feature updates. This is documented here https://docs.microsoft.com/en-us/mem/intune/protect/windows-update-for-business-configure#windows-10... and will be addressed with a future upgrade to ConfigMgr.

@Dune Desormeaux Im now also seeing this in Intune aswell. I have several devices that has been feature update locked to 2004 for at least 2 months now, and they all suddenly upgraded to 20H2 overnight. 

 

so this is not only a race condition with moving co-management, its a feature that doesnt seem to work at all.