Integrate Windows Upgrade Analytics with Configuration Manager

• Author
• Recent Posts

Jörgen Nilsson

Jörgen is a principal consultant at Onevinn in Sweden. His work focuses on enterprise client management and system management. He is a Microsoft Certified Trainer and a Microsoft Most Valuable Professional (MVP) in Enterprise Mobility. He also speaks at events such as Microsoft TechDays, Microsoft Management Summits, and TechEd.

Latest posts by Jörgen Nilsson (see all)

• Remote help for Intune and Microsoft Endpoint Manager - Tue, Jan 25 2022
• Windows 10/11 Azure AD/Intune Enterprise subscription is not valid - Mon, Nov 8 2021
• Upgrade from Windows 10 to Windows 11 with Setupconfig.ini and Intune - Wed, Sep 22 2021

If Windows Upgrade Analytics flags clients as "ready to upgrade," Configuration Manager automatically starts the upgrade process. You can create new collections based on existing collections and the assessments of Windows Upgrade Analytics. In the example below, I created a collection status "Ready to upgrade with WU Driver in HR," which is based on my HR collection.

Ready to upgrade

Ready to upgrade collection

This integration turns Upgrade Analytics into a really powerful tool. I also like the fact that admins who plan, verify, and test upgrades can mark computers as ready for upgrade without having access to the Configuration Manager console. SCCM admins don't have to manually configure the upgrades because everything is automated.

Let's see how we can integrate Windows Upgrade Analytics ino Configuration Manager 1610. To start with, we need an Operations Management Suite (OMS) Workspace with Upgrade Analytics up and running. Our Configuration Manager site must have version 1610 or later installed. Next, we have to execute the following steps.

1. Create an application in Azure AD that Configuration Manager can use to access the OMS workspace and ensure that Upgrade Analytics is active.
2. Grant permissions to the Resource Group that the OMS workspace uses for our newly created Azure AD application.
3. Configure the integration with Upgrade Analytics in the Configuration Manager console.

Start by launching https://manage.windowsazure.com where you will create an application and grant permissions to access the OMS workspace that Configuration Manager can use.

After you log into the Azure Management Portal, you have to navigate to Active Directory and select Applications. Now click Add as shown in the screenshot below.

Applications tab in Azure Active Directory

Then you select the kind of application you want to create. For this purpose, you have to choose Add an application my organization is developing.

Select application type

Then you give the application a name.

Naming the application

Next you have to specify two URLs that are actually never used; so you can basically enter any URL here.

Configuring URLs

After you create the application, you can now generate a key that can be used by Configuration Manager together with the Client ID to access the Windows Upgrade Analytics data. Select your newly created application and click Configure.

Configure the application

Next select the duration to determine how long the key will be valid.

Configure key lifetime

After you select lifetime, the key will be generated and becomes visible after you click Save.

Saving the application key

You now have to take note of the Client ID and the key. Note that the key will disappear once you leave this view. If you missed copying the key, you will have to create a new one.

Application Client ID and key

You can now proceed to the Resource Group where the OMS Workspace that we use for Upgrade Analytics lives. Next select Access control (IAM) and then click Add.

Azure Resource Group permissions

Now click the Contributor role.

Select a role

Next, select the name of the Azure AD application that you created earlier and grant the permission that allows the application to communicate with Upgrade Analytics (in our example, "WindowsUpgrade Analytics").

Adding the application to the Resource Group

Your application now has the correct permissions to access the Resource Group and the OMS Workspace because the permissions are inherited from the Resource Group. In the next step you have to configure the integration with Configuration Manager.

In the Configuration Manager console under Administration > Cloud services > Upgrade Analytics Connector, select Create Connection to Upgrade Analytics.

Create Connection to Upgrade Analytics

Now click Next.

After that, you need to enter the Tenant. In my example, it is my MSDN subscription. You also have to specify the Client ID and the Client secret key that you copied earlier. Next click Verify to ensure that the information entered is correct.

Verifying the connection information

You will now be prompted to select your subscription if the Client ID and the corresponding Client secret key have permission to access more than one OMS Workspace. Make sure to select the correct one here.

Selecting subscription, Azure Resource Group and OMS workspace

The connector is now configured. Note that downloading the data can take a while. You can follow progress in the DMPDownloader.log log file in the Configuration Manager Site server. You should see the lines from the screenshot below when SCCM synchronizes with Upgrade Analytics.

DMPDownloader.log

The Upgrade Analytics view in the Configuration Manager console should now be updated and you can start creating collections based on upgrade readiness.

Upgrade Analytics view

Note that that the five collections that are pre-listed in the collection dropdown menu are those collections that contain most of the members in the site.