Bren Posted October 1, 2021 Posted October 1, 2021 Hi, Has there been any discussion on whether its possible to use Pulseway to prevent devices from upgrading to W11? I can't find anything in the forums. Is anyone using pulseway to manage this update and if so how are you going about it? We're on day 1 of considering this so way behind where we need to be. We have a large proportion registered in intune so we can manage those devices in there. But we also have a lot of standalone devices and pulseway may be our best bet. thanks  OnettNess and UTS Brian 2
Mark G38 Posted October 18, 2021 Posted October 18, 2021 (edited) I've taken 2 steps to this. 1. Create a Global Rule in Pulseway that says if Name or Description contains 21H2, don't install. 21H2 is used by Windows 11.  2. Set registry entries to tell Windows 10 to not update Feature version past 21H1 for now. This can also be done via GPO in a domain environment.   BUT - I don't think this stops end users from clicking upgrade if they get a prompt or choose to be curious themselves. I've also sent out communications to my customers explaining that they should not be pressing update to any Windows 11 prompts if they happen to see any lol. Edited October 18, 2021 by Mark G38 Fred_BD and Jamie Taylor 1 1
Gregory Candido Posted November 11, 2021 Posted November 11, 2021  Would this be correct? I would assume if they come 22H2 in the future we would need to create a global rule for that as well. Since this is a global rule this means it will apply to all my tenant's machines?  Greg Fred_BD and Jamie Taylor 1 1
Mark G38 Posted November 11, 2021 Posted November 11, 2021 @Gregory Candido That's correct. It will apply to ALL patch policies you have in place. You can create rules for new ones as well yes. However, you can also do the registry entries as mentioned previously. They will prevent auto updates to anything past what you set. Obviously, this may need to change as Windows 10 continues to release updates, but we will have to wait and see if they alter version numbers so that Windows 11 is different from Windows 10 in that regards.  For now, you can script these reg entries or deploy via GPO if you have an AD environment. HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate. Create or update the Dword TargetReleaseVersion to 1. Create or update the Dword TargetReleaseVersionInfo to 21H1.  Jamie Taylor and Fred_BD 1 1
Fred_BD Posted November 25, 2021 Posted November 25, 2021 On 11/11/2021 at 10:15 AM, Mark G38 said: Create or update the Dword TargetReleaseVersionInfo to 21H1. I think this is supposed to be a String rather than DWORD. We don't have an AD environment but I'm still able to use automation within Pulseway to make all of this happen. Thanks @Mark G38for the help! Jamie Taylor 1
Mark G38 Posted November 25, 2021 Posted November 25, 2021 11 hours ago, Fred_BD said: I think this is supposed to be a String rather than DWORD. We don't have an AD environment but I'm still able to use automation within Pulseway to make all of this happen. Thanks @Mark G38for the help! Happy to help and yes, sorry about that should be reg_sz as you mentioned. Jamie Taylor 1
Matt Wilson Posted January 31, 2022 Posted January 31, 2022 On 11/11/2021 at 10:58 AM, Gregory Candido said:  Would this be correct? I would assume if they come 22H2 in the future we would need to create a global rule for that as well. Since this is a global rule this means it will apply to all my tenant's machines?  Greg  Why would blocking 21H2 block Windows 11? 21H2 is just a Win 10 Feature update.Â
Mark G38 Posted February 1, 2022 Posted February 1, 2022 23 hours ago, Matt Wilson said:  Why would blocking 21H2 block Windows 11? 21H2 is just a Win 10 Feature update. No, 21H2 is a shared version number between Win 10 and Win 11. See here: https://docs.microsoft.com/en-us/lifecycle/products/windows-11-home-and-pro-version-21h2  That is why you have to take the above steps to prevent Windows 10 from going past 21H1 Jamie Taylor 1
Christopher Posted August 9, 2022 Posted August 9, 2022 I just ran over this topic. If you set the options like explained above patch management also won´t install cumulative updates for the systems since they contain the version number as well. So i changed the global rules according to this. Be aware it´s language sensitive, if the description is in another language than english or german, you might need to set it to your specific language Jamie Taylor and JMK 2
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now