Thursday, 28 April 2022

Intune Windows 10 and later Feature updates Report (Preview) - Get it working with CM co-management.

Introduction

If you are using Windows Update For Business (WUFB) to take care of your feature and quality updates for your co-managed SCCM clients, then you really want to make sure this report is working for you.  It will give you valuable information such as:

1) A pie chart showing the total devices targeted with a feature update along with a break down - a count of machines in progress, successfully completed, failed, cancelled or on hold.

2) A list of all the machines in scope for upgrade and the state they are in: Installing, Installed, Needs Attention, Offering or Pending.

3) A sub status for the current state: Download complete, Download start, Install Start, Reboot required, etc.

4) Alert message: Disk Full, Insufficient Update connectivity, Not applicable etc.



This is a lot of useful information and when you have thousands of machines upgrading, well you really need to have this report working.

But it is a preview report and it does have some dependencies - so here I present the steps I took to get it working for a customer.  You might like to follow and impress your manager with this useful report.

Not all these steps may be necessary, or documented requirements - but if your report is not working they may help to get it working.

Note:  The report can be found in the Intune portal at All Services\Reports\Windows updates (preview)\Report tab\Windows Feature Update Report.

Tip 1 - Check your CM version.

My client's MECM is on CB 2107.

Version 2010 runs out of support at the end of this month.  You will be wanting to upgrade if you are still on 2010, and at least upgrade to 2107.  I am not saying you are required to upgrade to 2107, but my client couldn't get this report working while on 2103.

Tip 2 - Make sure CoMgmtSettingsProd Properties has Workloads correctly configured.

I know it appears obvious, but I do also know not all have years of experience with this product.  And so I will state the obvious - you need to check your co-management workload settings in Administration\Overview\Cloud Services\Cloud AttachRight click on the CoMgmtSettingsProd object and select Properties.  Click on Workloads and ensure that Windows Update Policies are handled by Intune.



Tip 3 - Ensure you have a Windows Health Monitoring Configuration Profile in place.

You will need to create and assign a configuration profile in the Intune portal.  Navigate to All Services\Devices\Windows\Configuration Profiles.  Create and assign a Windows Health Monitoring Profile.  Ensure that:

1) Platform is Windows 10 and Later.

2) Profile type is Templates.

3) Template name is Windows Health monitoring.

4) Health Monitoring is enabled.

5) Scope is both Windows updates and analytics.


Tip 4 - Create a Feature Updates Profile in Intune

Another obvious suggestion but it may have been overlooked.  You will have to navigate to All Services\Devices\Windows\Feature updates for Windows 10 and later (Preview).  Here you can create a profile and select the Windows 10 version you want your estate devices to be upgraded to.

In this example we have assigned an update profile which will ensure the group of devices are upgraded to Windows 10 21H1.


Tip 5 - Ensure SCCM Configure Upload settings correctly.

In the CM console navigate to Administration\Overview\Cloud Services\Cloud AttachRight click on CoMgmtSettingsProd and select Properties.  Click on the Configure upload tab.  Ensure that Upload to Microsoft Endpoint Manager admin center option is selected.  In this example we also select All devices managed by Microsoft Endpoint Manager.  Ensure also that the Enable Endpoint Analytics for devices uploaded to Microsoft Endpoint Manager option is selected.



Tip 6 - Make sure your CM client settings are correct.

Navigate to your default client setting object and navigate to Computer Agent and ensure that Enable Analytics data collection is enabled.  Or alternatively create a new client settings object to deploy this setting.



Tip 7 - Re-attach Tenant Attach.

If the Intune feature report is still not working, then you can try a Tenant detach followed by a Tenant attach.  In the SCCM console navigate to Administration\Overview\Cloud Services\Cloud Attach. Right click on CoMgmtSettingsProd and select Properties.  Deselect Upload to Microsoft Endpoint Manager admin center and deselect Enable Endpoint Analytics for devices uploaded to Microsoft Endpoint Manager.  When this completes, re-enable both options.  Wait for the attachment to complete and try running the report again.  Hopefully you should start seeing the upgrade results coming through.

I hope this article has been helpful and I hope you have a pleasant response from your manager, after presenting this great report in your next meeting.










Deploy Windows 11 with MDT - Supported

 Introduction The Microsoft Deployment Toolkit (MDT)  has been used by many companies for the provisioning of operating systems.  It does ha...