Windows 10 1909 devices not being offered 20H2 via WUfB

%3CLINGO-SUB%20id%3D%22lingo-sub-2610309%22%20slang%3D%22en-US%22%3EWindows%2010%201909%20devices%20not%20being%20offered%2020H2%20via%20WUfB%3C%2FLINGO-SUB%3E%3CLINGO-BODY%20id%3D%22lingo-body-2610309%22%20slang%3D%22en-US%22%3E%3CP%3EHi%2C%20we%20have%20co-managed%20devices%20with%20the%20Windows%20Update%20workload%20moved%20to%20Intune.%20We%20started%20with%20the%20feature%20update%20deferral%20policy%20set%20to%20zero%20and%20applying%20a%20feature%20update%20profile%2C%20but%20started%20to%20experience%20the%20known%20issue%20with%20co-managed%20devices%20upgrading%20to%20the%20latest%20version%20of%20Win%2010%20despite%20what%20is%20set%20in%20the%20profile.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3ESo%20we%20moved%20from%20a%20feature%20update%20profile%20to%20the%20TargetReleaseVersion%20CSP%20which%20was%20at%20one%20stage%20recommended%20in%20the%20docs%20as%20a%20workaround%20for%20the%20issue%3A%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Ftroubleshoot%2Fmem%2Fintune%2Fcreate-feature-update-hold-co-managed-devices%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EHow%20to%20create%20a%20feature%20update%20hold%20for%20co-managed%20Windows%2010%20devices%20-%20Intune%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20worked%20well%20the%20devices%20on%201909%20remained%20on%201909.%26nbsp%3B%20Then%20when%20switching%20the%20TargetReleaseVersion%20CSP%20to%2020H2%20none%20of%20them%20would%20update%20until%20they%20were%20un-enrolled%20from%20the%20WUfB%20Deployment%20Service.%20As%20stated%20in%20the%20docs%20below.%3C%2FP%3E%3CP%3E%3CA%20href%3D%22https%3A%2F%2Fdocs.microsoft.com%2Fen-us%2Fmem%2Fintune%2Fprotect%2Fwindows-10-feature-updates%23limitations-for-windows-10-feature-updates-policy%22%20target%3D%22_blank%22%20rel%3D%22noopener%20noreferrer%22%3EConfigure%20Windows%2010%20feature%20updates%20policy%20in%20Intune%20%7C%20Microsoft%20Docs%3C%2FA%3E%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThis%20worked%20for%20a%20period%20of%20time%20(couple%20of%20weeks)%20but%20now%20none%20of%20the%201909%20devices%20with%20a%20deferral%20policy%20for%20feature%20updates%20set%20to%200%2C%20the%20TargetReleaseVersion%20CSP%20set%20to%2020H2%20and%20confirmed%20as%20being%20un-enrolled%20from%20the%20WUfB%20Deployment%20Service%20are%20being%20offered%20the%2020H2%20Feature%20Update%20from%20Windows%20Update.%26nbsp%3B%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EAny%20ideas%20what%20might%20be%20happening%20here%20or%20what%20I%20can%20check%20next%3F%20None%20of%20these%20machines%20are%20showing%20as%20having%20a%20Safeguard%20Hold%20in%20Update%20Compliance.%3C%2FP%3E%3CP%3E%26nbsp%3B%3C%2FP%3E%3CP%3EThanks%3C%2FP%3E%3CP%3EMark%3C%2FP%3E%3C%2FLINGO-BODY%3E
New Contributor

Hi, we have co-managed devices with the Windows Update workload moved to Intune. We started with the feature update deferral policy set to zero and applying a feature update profile, but started to experience the known issue with co-managed devices upgrading to the latest version of Win 10 despite what is set in the profile.

 

So we moved from a feature update profile to the TargetReleaseVersion CSP which was at one stage recommended in the docs as a workaround for the issue:

How to create a feature update hold for co-managed Windows 10 devices - Intune | Microsoft Docs

 

This worked well the devices on 1909 remained on 1909.  Then when switching the TargetReleaseVersion CSP to 20H2 none of them would update until they were un-enrolled from the WUfB Deployment Service. As stated in the docs below.

Configure Windows 10 feature updates policy in Intune | Microsoft Docs

 

This worked for a period of time (couple of weeks) but now none of the 1909 devices with a deferral policy for feature updates set to 0, the TargetReleaseVersion CSP set to 20H2 and confirmed as being un-enrolled from the WUfB Deployment Service are being offered the 20H2 Feature Update from Windows Update. 

 

Any ideas what might be happening here or what I can check next? None of these machines are showing as having a Safeguard Hold in Update Compliance.

 

Thanks

Mark

0 Replies