Windows Update for Business (WUB) for PC Enrolled Devices
Only MDM enrolled Windows 10 devices can currently be configured with the necessary settings for WUB (Windows Update for Business). It's not good-enough for this to just apply to MDM enrolled devices currently because MDM doesn't have feature parity yet with PC enrolled managemnt.
It is just as important for Windows 10 PC enrolled devices to be able to utilize WUB instead of the traditional WSUS-like updating scheme that Intune PC Enrolled devices adhere to.
In order for PC enrolled devices to participate in WUB, the Intune agent should control Windows 10s inbox Updating Client instead of using the Intune agent to apply updates. The Intune agent's policies should push down the following policies:
- make it think that it should check for updates from WU,
- an option to apply CBB and LTSB branches,
- staged release groups to different departments,
- and the ability to defer upgrades.
It would be a huge bonus if Intune could then report back the build of Windows that users are running for auditing update/security compliance.
Intune should be smart enough to know if a computer has Windows 7-8.1 and needed WSUS-like functionality or if it is running 10+ and needs WUB.
On October 16, 2019, we announced that support for the Intune PC software client (PC agent) will end on October 15, 2020, along with the Silverlight-based Intune Classic console. You should plan to move to use the MDM channel to manage your Windows PCs as soon as possible. Learn more: https://aka.ms/intune_silverlight_console
Aaron Marks commented
Similar to how SCCM can do this, Intune should be able to as well: https://technet.microsoft.com/en-us/library/mt488782.aspx