# WinUpdate-23H2to24H2Force Intune Remediation

# Table of Contents

• Table of Contents
• Purpose
• Overview
• Dependencies
• Detection Script
• Remediation Script
• Usage
• Inputs
• Outputs
• Notes

# Purpose

Documents both the detection and remediation scripts for forcing Windows update from 23H2 to 24H2 via Intune Remediation.

# Overview

This page covers both:

• Detection script: Checks if device is running Windows 11 23H2 and is targeted for update, using hostname and day-of-week logic. Determines if update to 24H2 is required.
• Remediation script: Downloads and installs the 24H2 enablement package if required, and schedules a reboot with user notifications.

# Dependencies

• PowerShell 7+
• Windows 11 23H2 (targeted devices)
• Internet access (for package download)
• Access to registry: HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion
• Get-ItemProperty
• Invoke-WebRequest
• New-ScheduledTaskAction

# Detection Script

Logic:

• Validates targeting by day of week and device hostname (spread scheduling).
• Checks if device is running Windows 11 23H2 or 24H2.
• Exit codes:
  • 0: Compliant (already on 24H2, not targeted, or unsupported)
  • 1: Not compliant (device is 23H2 and targeted for update)
  • 2: Error or unsupported architecture/version

Inputs: None required; uses environment and registry.

Outputs: Compliance status, OS version, log/output to console.

Documentation:

• Get-ItemProperty

# Remediation Script

Logic:

• Validates targeting by day of week and device hostname (spread scheduling).
• Checks if device is running Windows 11 23H2 (build 22631).
• Downloads the 24H2 enablement package for the correct architecture (x64/ARM64).
• Installs the package silently using wusa.exe.
• Schedules a reboot with user notifications (toast popups, 15 min and 2 min warnings) via a scheduled task and PowerShell script.
• Logs all actions to %ProgramData%\Intune-Win11-24H2-Enablement.log.
• Exit codes:
  • 0: Success
  • 2: Error or unsupported architecture/version

Inputs: None required; uses environment and registry.

Outputs: Actions taken, install results, log file in %ProgramData%.

Documentation:

• Invoke-WebRequest
• New-ScheduledTaskAction

# Usage

• Both scripts are deployed as part of an Intune Remediation package.
• Detection runs first; if update is needed, remediation is triggered.

# Inputs

• No external parameters; all logic is self-contained.

# Outputs

• Detection: Update readiness/status, OS version, log/output.
• Remediation: Actions taken, install results, log file.

# Notes

• See project standards for logging, error handling, and accessibility.