Manage Android updates by using configuration profiles – Manage, maintain, and protect devices

You can also use Intune to exert a degree of control over Android Enterprise updates. This only applies to devices with Android using the fully managed, dedicated, and corporate-owned work profile. Rather than using specific update rings like you would do with Windows, iOS, and macOS, Android updates are managed though a device configuration profile.

To create a profile that includes the update settings, use the following procedure:

  1. Open Microsoft Intune admin center.
  2. Select Devices and then select Android.
  3. On the Android | Overview page, click Configuration profiles.
  4. Click Create profile.
  5. On the Create a profile page, select the Android Enterprise and then select Device restrictions under the Fully managed, Dedicated, and Corporate-Owned Work Profile heading.
  6. Click Create.
  7. On the Basics tab, enter a Name and Description and click Next.
  8. On the Configuration settings page, shown in Figure 3-51, expand General and then click System update. This setting ensures that when over-the-air updates are available for targeted devices, those updates are installed based on this policy. Choose between Device Default, Automatic, Postponed, and Maintenance window.

FIGURE 3-51 Using a device restrictions profile to configure Android updates

9. Depending on the option selected determines what other settings must be configured. For example, selecting Automatic requires no other settings.

10. Complete the wizard by configuring Scope tags and Assignments, and then create the profile.

It’s important to realize that the application of updates depends on the hardware vendor of your users’ Android devices releasing those updates.

Monitor updates

Using the Intune admin center, you can review the current status of updates and monitor the application of those updates using the configured update rings. For Windows, use the following procedure:

  1. Open Microsoft Intune admin center.
  2. Navigate to Devices | Windows and then choose Update rings for Windows 10 and later.
  3. Select the appropriate update ring. You can now review the application of update on the Overview tab. Select the Device status tab for details about specific device updates.

You can also use the Intune reporting node:

  1. In the Microsoft Intune admin center, select Reports and then select Windows updates.
  2. Click Refresh to generate reports.

From this page, you can review the following:

  • Windows Feature updates:
    • In progress
    • Success
    • Error
    • Rollback initiated
    • Canceled
    • On hold
    • Total
  • Windows Expedited Quality updates:
    • In progress
    • Success
    • Error
    • Canceled
    • Total

Leave a Reply

Your email address will not be published. Required fields are marked *