Update rings

Installing Windows security updates during the Windows out-of-box-experience

by

Important: While writing this post the news came that this capability got delayed again to help ensure delivery of the best possible experience. As the configuration is still available in Microsoft Intune, this post can still provide value. This week is all about the new functionality to install Windows security updates during the Windows out-of-box-experience (OOBE). That functionality is focused on making sure that Windows devices are secure and up-to-date at the moment that the user will actually start using the device. At this moment, one of the main challenges is that organizations have to rely on the preinstalled Windows version on the device. That might not – and often does not – include the latest Windows security updates. This new functionality can help with …

Read more

Understanding Windows Autopatch groups

by

This week something completely different, but maybe even more intriguing at some level. That something is Windows Autopach groups. Windows Autopatch groups are logical containers, or units, that can group several Azure AD groups and different software update policies, within Windows Autopatch. That’s a really nice addition to Windows Autopatch that is available starting with the latest service update of May 2023. Windows Autopatch groups enable organizations to create different selections of devices with as many as 15 unique deployment rings, custom cadences and content. And a tenant can contain up to 50 Windows Autopatch groups. That enables IT administrator to create nearly any structure for patching their devices within Windows Autopatch. This post will start with some more details for understanding Windows Autopatch groups, …

Read more

Different options for upgrading devices to Windows 11

by

This week is again all about upgrading devices to Windows 11, by using Microsoft Intune. When discussing the upgrade to Windows 11, the first and foremost thing to mention is that managed devices won’t automatically upgrade to Windows 11. There is always an action required by the IT administrator to make sure that managed devices are allowed to upgrade to Windows 11. The options to configure those managed devices, however, were limited when using Microsoft Intune. That has changed with the latest service release (2111) of Microsoft Intune. That service release introduced a few more options for managing and controlling the upgrade to Windows 11. This post will go through those different methods for upgrading devices to Windows 11, followed the configuration options for those …

Read more