windows-itpro-docs Allow Update Compliance processing Value

Hi,

I followed these instructions, to enable "Allow Update Compliance processing" via Intune configuration profile.

I've included this in my profile: "OMA-URI: ./Vendor/MSFT/Policy/Config/System/AllowUpdateComplianceProcessing Data type: Integer Value: 16"

What I found was that with this code the hex code is 10 and the decimal is 16. According to other website it should be hex 16 and dec. 22.

Regards.

(for example: https://www.thewindowsclub.com/enable-update-compliance-processing)

Document Details

⚠ Do not edit this section. It is required for docs.microsoft.com ➟ GitHub issue linking.

ID: 47a41574-4118-dff7-f9ae-047b2dbdf30f
Version Independent ID: 4f48d7a5-3965-60a4-221c-c519253bfc29
Content: Configuring Microsoft Endpoint Manager devices for Update Compliance - Windows Deployment
Content Source: windows/deployment/update/update-compliance-configuration-mem.md
Product: w10
Technology: windows
GitHub Login: @jaimeo
Microsoft Alias: jaimeo

Jun 29 '21 11:06 erottier

@cinglis-msft can you advise?

Jun 29 '21 15:06 jaimeo

@cinglis-msft can you advise?

I seem to have to set the value to 22. I advise more testing by others then me to be sure. Also, the updates I make take 48 hours to come through in Log Analytics, so every error I make are visible after 2 full days.

This means it sets the decimal to 22, but the hexadecimal to the wanted 16.

Jun 30 '21 06:06 erottier

@erottier Just now i enabled that policy using group policy editor, 16 is correct for decimal, and10 is for hexadecimal here is the proof Capture

Jun 30 '21 08:06 RAJU2529

I'm starting to wonder if both values are 'correct'. Since 22 decimal is higher then 16 decimal, maybe the system interprets both as valid?

As you can see, my values are working fine as well although they are different. - Edit: let me clarify the image. On the left is the ingested data in Azure's Log Analytics. Top right is my hostname and the bottom right is regedit on the same machine. aucp

I am in agreement that the GPO values are probably the right ones. As stated before, I had waited a little over the 24 hours the panel in Azure told me. I got nothing. After 48 hours data showed up, so my initial conclusion may be skewed.

Jul 01 '21 07:07 erottier

16 decimal is what is required. This policy value actually goes into a bitmap on the backend. It does not yet affect data flow to Update Compliance. It was added a requirement pre-emptively so that folks have enough time to activate the policy before it is actually required for data to flow. Thus, that is why all values still technically "work"... It is essentially unused right now.

Jul 01 '21 19:07 cinglis-msft

16 decimal is what is required. This policy value actually goes into a bitmap on the backend. It does not yet affect data flow to Update Compliance. It was added a requirement pre-emptively so that folks have enough time to activate the policy before it is actually required for data to flow. Thus, that is why all values still technically "work"... It is essentially unused right now.

Thanks! That explains a LOT.

The only thing which could be done is maybe clarify the doc that 16 is decimal? (for people using regedit) Or should it be clear enough since Intune (and the GPO) pushes decimals anyway?

Jul 01 '21 21:07 erottier