As an IT admin, your job is to keep the devices and the people who use them in your organization protected and productive. Part of that is centered on the update experience, and today we want to announce some new capabilities that will make that experience better than ever.
Windows 11 will soon enable you to have an update experience more tailored to your organization and a more user-friendly experience. If you are running Windows Insider Preview Build 21277 or later, you can take advantage of new capabilities in the native Windows Update experience and leverage the native update experience with Microsoft Endpoint Configuration Manager.
Use the step-by-step guides below or watch the accompanying demos to learn what’s coming soon and how you can preview these new capabilities today.
Contents
Configuration Manager: leveraging the native Windows Update experience
Configuration Manager is one of Microsoft’s management solutions, along with Intune, Desktop Analytics, Windows Autopilot, and others, all of which form part of the Microsoft Endpoint Manager brand. In June of 2021, we announced a preview of several features to improve user experience with updates, among them enabling Configuration Manager customers to leverage the native Windows Update orchestration and user experience. This enables you to give your end users the same or similar update experience to what they see on their home devices or what they would see if managed by Windows Update for Business. Even better, this means that when you start transitioning certain update workloads to the cloud, end users will have the same great update experience across the board, regardless of where they are getting the update from, be it Windows Server Update Services (WSUS) or Windows Update. Here’s a short video on how this works:
Try this new experience today!
Devices running Windows Insider Preview build 21277 or later and using Configuration Manager, version 2110 can take advantage of this feature using the following steps (or check out the demo for step-by-step guidance).
- Access your Configuration Manager management portal.
- Go to the Administration tab.
- Select Client Settings.
- Open Default Client Settings.
- Go to the Computer Restart page.
- In Computer Restart, locate the new option to “Select the restart experience to be shown to end users“
- Toggle to switch from “Configuration Manager” to “Windows“
- Optionally, you can set a deadline in days for when the restart needs to happen, just as you would for devices managed by Windows Update for Business.
- Additionally, you can customize your organization name by following these steps (also shown in the demo):
- Go to Default Settings.
- From Default Settings, go to the Computer Restart page.
- Enter your organization name in the specify organization name field.
- Finally, set up a deployment and deploy a required update!
Note: All of your typical configurations in Client Policy, Software Updates, and Computer Agent will still apply and will not change.
Your end users will now have the native in-box experience! Once the update gets to their device, they will see a notification that there is an update that requires a restart. If they go to the Settings page, they will see that the update from your organization, such as Bruno and Aria Corp, is pending at the intelligent active hours. They will then see the option to schedule the restart, restart now, or restart tonight (See the demo above).
By changing the restart experience from Configuration Manager to “Windows native,” your updates can take full advantage of active hours and the other great built-in update orchestration benefits that come with the native experience. This feature is coming soon to an upcoming release of Configuration Manager. Until then, you can test it out today as part of the Configuration Manager preview!
For organizations using Windows Update for Business
To all of the IT admins who have been requesting the ability to have your organization name show up in Windows Update notifications, you have been heard! Coming this summer, your Azure Active Directory tenant name will be displayed not just in the Windows Autopilot experience, but now in Windows Update notifications themselves. Here’s a short video on how this works:
Check out this new experience today!
Consider an example of a device managed by Bruno and Aria Corp with compliance deadlines configured. Previously, their end users saw notifications of the type “Your organization requires you to update” Now these notifications will call out that it is Bruno and Aria Corp that requires the action (see the demo above).
Follow these steps to take advantage of this feature on the devices running Windows Insider build 21277 or later, which are Azure Active Directory Joined (Azure AD Joined) with a tenant name under 32 characters specified, and with compliance deadline configured.
Compliance deadlines can be configured by:
Group Policy (GP): …/Windows Components/Windows Update/Manage end user experience/Specify deadlines for automatic updates and restarts
Configuration Service Provider (CSP) policies:
- Update/ConfigureDeadlineForFeatureUpdates
- Update/ConfigureDeadlineForQualityUpdates
- Update/ConfigureDeadlineGracePeriod
- Update/ConfigureDeadlineGracePeriodForFeatureUpdates
The demo above includes two examples of notifications showing the company name that an end user may see before an upcoming restart for a required update.
This much requested change is coming soon!
Whether you manage on-premises with Configuration Manager or with Windows Update for Business, we hope these new experiences make your job easier and your end users’ experience better as we continue to support productivity and protection at work through improvements to Windows updates.
Have you previewed these changes? Do you have feedback or suggestions on how we could continue to improve this experience? Reach out either here on Tech Community or to me directly on Twitter @ariaupdated.
[“source=techcommunity.microsoft”]