Tuesday, September 21, 2021

Understanding readiness for Windows 11 with Microsoft Endpoint Manager

With the announcement of Windows 11, you might be wondering how your organization can prepare for the upgrade, as well as what you can do right now to set yourself up for success. One of the first things you’ll want to consider is using Microsoft Endpoint Manager to assess which devices in your organization meet the minimum system requirements for Windows 11.

Over the next few days, we’ll be updating the Work from anywhere report in Endpoint analytics with new Windows 11 hardware readiness insights. These changes will allow you to easily determine Windows 11 hardware readiness across your organization. Windows 11 insights will be available for all Intune-managed and co-managed devices in Endpoint analytics, as well as devices enrolled via tenant attach with Configuration Manager, version 2107 or newer.

Where to find overall Windows 11 readiness across a device estate in Microsoft Endpoint ManagerWhere to find overall Windows 11 readiness across a device estate in Microsoft Endpoint Manager

Looking at Windows 11 readiness at the individual device level in Microsoft Endpoint ManagerLooking at Windows 11 readiness at the individual device level in Microsoft Endpoint Manager

If you’re not yet using Endpoint analytics, or you’re using an older version of Configuration Manager, we’re also publishing a Hardware Readiness PowerShell script today as an interim solution that can help you determine if your devices meet the Windows 11 minimum system requirements.

While the script can help you get started planning for Windows 11 right away, we also encourage you to onboard to Endpoint analytics so you can benefit from additional Windows 11 insights as well as the existing features that can help you optimize the end-user experience in your organization. And if you’re using Configuration Manager, consider enabling co-management so that you can benefit from new reports and features – like Windows 11 hardware readiness insights – with no on-premises upgrades required. To learn more about Endpoint analytics, you can refer to Microsoft Docs or some of our sessions from Microsoft Ignite.

Running the Hardware Readiness script

To determine whether an individual device meets the system requirements for Windows 11, you can run the script locally from an elevated PowerShell prompt. To run the script at scale, we recommend leveraging Microsoft Endpoint Manager. While the script has been digitally signed by Microsoft, you may need to adjust the PowerShell Execution Policy on your Windows devices.

Microsoft Intune users can leverage the Intune management extension to upload the Hardware Readiness PowerShell script, and then deploy it to a target set of devices. As with any deployment, we recommend testing on a small set of devices before rolling out more broadly. Then, use Microsoft Graph explorer to access and aggregate the results of the script. The output data can be ingested into Azure Log Analytics or saved locally for you to query and visualize as desired. A step-by-step walkthrough of using this method to aggregate script results is available on the Device Management in Microsoft blog.

Organizations using Configuration Manager can use the Run Scripts feature which provides the built-in ability to deploy and aggregate results from a PowerShell script. To learn more about this process, the Script output section of the Microsoft Docs article, Create and run PowerShell scripts from the Configuration Manager console.

Understanding the Hardware Readiness script output

The Hardware Readiness script is meant to determine if a device meets the minimum system requirements for Windows 11, and in the case that not all requirements are met, it will highlight which hardware checks failed. Results are returned in JSON format with four key/value pairs:

  • returnCode: an integer value that represents whether the device meets the minimum system requirements for Windows 11. Possible results include:

    returnCode

    Definition

    -2

    FAILED TO RUN – the script encountered an error

    -1

    UNDETERMINED – one or more of the hardware requirement checks failed to execute properly

    0

    CAPABLE – the device meets all assessed Windows 11 hardware requirements

    1

    NOT CAPABLE – the device does not meet one or more of the assessed Windows 11 hardware requirements

  • returnReason: a string value that provides a comma-separated list of the Windows 11 hardware requirements that are not met on the device. For instance, if the script is run on a device that meets all hardware requirements except the Storage requirement, returnReason would equal “Storage.” In the case that all hardware requirements are met, returnReason will be NULL. Possible results include:

    returnReason

    Storage

    Memory

    TPM

    Processor

    SecureBoot


    For a complete list of minimum system requirements for Windows 11, see Windows 11 requirements. You can also find additional details on the Windows 11 System Requirements, page, including the steps you might be able to take to modify or update a Windows 10 device to make it eligible for the upgrade to Windows 11.
  • logging: a string value that provides verbose logging of the determined values for all hardware checks performed on the device.
  • returnResult: a string value that is a human-readable representation of returnCode. Possible results include: CAPABLE, NOT CAPABLE, UNDETERMINED, and FAILED TO RUN.

 

Disclaimer: This Hardware Readiness PowerShell Script is not supported under any Microsoft standard support program or service and is distributed under the MIT license.



Posted at https://sl.advdat.com/2VZj5cF