The countdown has begun for Windows 10, as its end of life approaches. While organizations have the option to purchase Extended Security Updates (ESU), the financial implications may not be viable for all. In light of this, both enterprise customers and Microsoft stand to gain from a smooth transition to Windows 11. To facilitate this process, Microsoft has unveiled a comprehensive guide aimed at assisting companies in upgrading their systems via Intune.
Guidelines for a Seamless Upgrade
This guide is specifically designed for domain-joined or co-joined Windows 10 PCs, enabling a cloud-native migration to Windows 11 while ensuring that devices are Entra-joined with Intune.
To embark on this journey, organizations must first verify that their hardware aligns with the requirements for Windows 11, notably the inclusion of TPM 2.0. This verification can be accomplished using Microsoft Configuration Manager or Endpoint Analytics within Intune. Furthermore, tools such as Windows Autopatch, Configuration Manager, and Windows Server Update Services (WSUS) should be utilized to ensure Windows 10 devices are updated to the latest supported version, currently version 22H2.
IT administrators are encouraged to synchronize identities from Active Directory (AD) to Entra ID, configure and validate a hybrid join, and prepare the Intune environment by securing the necessary licenses and admin roles. Additionally, enabling co-management in both Intune and Configuration Manager is crucial.
Subsequently, it is essential to rationalize Group Policy Objects (GPOs) by replacing redundant policies, establishing Intune configuration profiles, and configuring Intune policies to deploy updates in phases. Windows Autopatch should be leveraged to facilitate the update process and monitor its rollout effectively.
Moreover, applications must be transitioned from Configuration Manager to Intune for packaging, testing, deployment, and appropriate assignment to device groups. IT admins should remain proactive in decommissioning outdated deployments in Configuration Manager and ensuring that all relevant documentation is updated accordingly.
The final phase of this migration involves shifting from a domain network-joined configuration to an Entra ID-joined setup. This multi-step process is detailed in the guide provided by Microsoft. The company believes that adopting this cloud-native migration strategy will lead to centralized and streamlined management, enhanced security, an optimized user experience, reduced dependence on legacy infrastructure, and the opportunity for IT admins to utilize Copilot in Intune.
