With most companies now familiar with the features in Windows 11 and with Windows 10 Version 21H2 extended support ending in Jun 13, 2023. The ability to send security updates to these machines is no longer available. This could then make your devices non-compliant depending on your policy in Intune and potential block access if you have combined this with actions or conditional access policies. Yes you can upgrade to Version 22H2 which has extended support until Oct 2025 but it would make sense to start using Windows 11.
In order to upgrade to Windows 11 the requirements are a lot stricter than they were for Windows 10. These means you will need to asses your existing devices and make sure they meet the following hardware requirements:
To install or upgrade to Windows 11, devices must meet the following minimum hardware requirements:
- Processor: 1 gigahertz (GHz) or faster with two or more cores on a compatible 64-bit processor or system on a chip (SoC).
- Memory: 4 gigabytes (GB) or greater.
- Storage: 64 GB or greater available disk space.
- Graphics card: Compatible with DirectX 12 or later, with a WDDM 2.0 driver.
- System firmware: UEFI, Secure Boot capable.
- TPM: Trusted Platform Module (TPM) version 2.0.
To check if your devices are capable of upgrading you can download the PC Health Check app https://aka.ms/GetPCHealthCheckApp but if your devices are already in Intune then you can run a report on your devices.
In Intune, click on Reports and then Endpoint Analytics and then Work from Anywhere and click Windows. You can then filter for “Windows 11 readiness status” and not “capable”
You can also export all the device info which will give more details on what is causing the device to be “not capable” of Windows 11 upgrade:
To upgrade the machines capable of Windows 11 see my previous blog: Windows 11 upgrade through MEM – risual