Event banner
Event details
Thanks for joining us for today's AMA on Windows updates in Intune: drivers, firmware, and Autopatch. Up next: AMA - Securely manage iOS/iPadOS and macOS endpoints with Intune.
In addition to the questions posted on this page, we also answered questions posted in reply to the event on LinkedIn and Twitter. Here are the questions we answered today:
- Is there a place or quarter on the roadmap when Windows Servers are likely to be able to be managed in Intune rather than SCCM. Will these patching methods be available for servers too? Currently we are investigating using Update management center in Azure rather than WSUS / SCCM. Will Intune eventually comanage this feature or do you see the roadmap to keep them completely separate entities?
David_GuyerMicrosoft
I'm not aware of any roadmap items like that. My understanding is that using Azure server management tools is the way to manage servers from the cloud today.
That concludes today's live stream! We'll continue answering your questions here in the chat until the end of the hour.
- Is defender and azure information protection included in AutoPatch ?
apologize, maybe you answered this question. What is the difference between autopatch and windows update rings? not really seeing the added value with autopatch.
- David_GuyerAutopatch will configure Update Rings for you based on the inputs you provide. The value of Autopatch becomes clearer if you use the Autopatch Groups preview, since you can create a set of groups and rings w/o having to manually configure each one, or manage the AAD groups for each policy. And then, Autopatch will help manage those updates for you going forward. If you want finer grain control, and already have Update Rings configured, you may want to stick with your current configuration and keep an eye on Autopatch enhancements for something that adds value for you.
- Lior_BelaLots of value as David mentioned, please review at aka.ms/autopatch
- What would you recommend to get visibility on driver deployment issues (install failure, performance issues after install) which would help us identify the need to suspend or pause a deployment?
- David_GuyerToday the best tools will be in Endpoint Analytics and the Application Reliability and Startup Performance reports. These can show you when reliability changes. Also, if you have any end-user listening services where you can see if users are increasing or complaining about an update, that can also be helpful.
- Sorry again if something I have missed out. What about windows 11
- For drivers or firmware that require reboots is the standard WUfB reboot UI going to be available? Will you be able to shutdown and restart without updating during a grace period?
- David_GuyerYes, the standard WUFB reboot UI is used when a driver requires a reboot, and the Quality Update Deadline and the Grace Period settings also apply to that reboot. I'm not 100% sure, but if a reboot is required, I don't think the restart w/o updating options are available... I think that's only for Feature Updates.
- You can see in manual driver patching via WU UI that some drivers e.g. Many Intel drivers have their own restart notifications built-in, so this confuses end-users. End-user training is required.
- David_GuyerThese should be reported to the driver publisher as a bug, since any update delivered via Windows Update should let WIndows Update manage the restarts.
- I think "grace period" is the point after the installation before a forced reboot right? If true, I would think the answer to your question would be no.
- Are you guys including third party software updates at one point? Is it even in the road map?
- David_GuyerIt's something we are exploring for App management.
- Can we use Autopatch in conjuction with WUfB?
- David_GuyerSince Autopatch uses WUfB, that's kind of an interesting question! The key point I would make is that a device should only be in one management policy for an update type at a time. So, if you have a device enrolled in Autopatch, use Autopatch for that device. However, you can choose which devices are enrolled in Autopatch, and for the other devices, use the Update Rings, Feature Update and Expedited Quality update policies in Intune.
Thanks for participating in today's Windows updates in Intune: drivers, firmware, and Autopatch AMA! For reference, the panel covered this topic at around 42:30.
