Contact Us
Help Center Home > Devices KB > Troubleshoot: Windows 11 Upgrades

Troubleshoot: Windows 11 Upgrades

This article describes how to use JumpCloud policies to upgrade your organization's Windows 10 devices to Windows 11. It also provides steps for troubleshooting common issues that can prevent a successful upgrade, such as hardware incompatibilities or policy conflicts.

Prerequisites:

  • Your device must have Trusted Platform Module (TPM) 2.0 enabled to upgrade to Windows 11. A failure to detect the TPM chip will prevent the upgrade. You can verify your device's TPM status before configuring the upgrade policy. See Microsoft's Windows 11 Specs and System Requirements to learn more.
    • A common symptom of a missing or disabled TPM chip is a BitLocker policy failure with the error: “Device does not have a valid TPM chip installed.”

Verifying TPM 2.0 Status

On a Windows device, you can use either the Windows Security app or the Microsoft Management Console to check the TPM status.

To check status using the Windows Security app:

  1. Go to Settings > Update & Security > Windows Security > Device Security.
  2. Under Security processor, select Security processor details.
    • If you do not see a Security processor section, your device's TPM may be disabled. Jump to Enabling TPM.
  3. Verify that the Specification version is 2.0. If the version is less than 2.0, your device does not meet the Windows 11 requirements.

To check status using the Microsoft Management Console:

  1. Press [Windows Key] + R or go to Start > Run.
  2. In the text field, enter tpm.msc and click OK.
    • If a “Compatible TPM cannot be found” message appears, your device's TPM may be disabled. Jump to Enabling TPM.
  3. Under TPM Manufacturer Information, check that the Specification Version is 2.0. If it is less than 2.0, your device does not meet the Windows 11 requirement.

Enabling TPM

TPM settings are managed in the Unified Extensible Firmware Interface (UEFI) BIOS and vary by device. The following steps may differ depending on your device.

  1. Go to Settings > Update & Security > Recovery > Restart now.
  2. From the next screen, click Troubleshoot > Advanced options > UEFI Firmware Settings > Restart.
  3. Find the option to enable the TPM. This setting may be in a sub-menu labeled Advanced, Security, or Trusted Computing, and the option itself may be labeled Security Device, TPM State, or Intel Platform Trust Technology, among other names.

If you cannot enable TPM or verify that the version is 2.0, contact your device manufacturer for assistance. See Microsoft's How to enable TPM to learn more.

Configuring the Upgrade Using Separate Policies

To manage which devices upgrade to Windows 11 and which remain on Windows 10, you must use two separate JumpCloud policies. See Create a Windows Patch Policy to learn more.

Important:

Do not apply both policies to the same device or device group. This will cause a policy conflict and prevent the upgrade.

To upgrade devices to Windows 11:

  1. In the Admin Portal, go to DEVICE MANAGEMENT > Policy Management.
  2. Create a new Windows Update Policy or select an existing one.
  3. Under Update Settings, for Target Version for Feature Updates, enter Windows 11.
  4. Ensure that the Defer Updates setting is not selected.
  5. Click save.
  6. Assign the policy only to the devices or device groups you want to upgrade.

To keep devices on Windows 10:

  1. Create a second Windows Update Policy.
  2. Under Update Settings, leave the Target Version for Feature Updates field empty. This ensures the device continues to receive Windows 10 updates but is not prompted to upgrade to Windows 11.
  3. Click save.
  4. Assign this policy to the devices or device groups that will remain on Windows 10.

Troubleshooting Upgrade Failures

Symptoms

  • The Windows 11 update does not download or install.
  • The Windows PC Health Check app cannot verify eligibility for Windows 11.
  • Windows 10 devices receive standard updates but are not prompted to upgrade.

Cause

The most common causes for upgrade failure are policy conflicts or hardware incompatibility.

  • Policy Conflict: The upgrade can be blocked by settings in the Windows Update Policy.
    • If Target Version for Feature Updates is set to Windows 10, it will prevent the Windows 11 eligibility check.
    • If Defer Updates is selected, it can block the upgrade check.
  • Hardware Incompatibility: The device does not have TPM 2.0 enabled. Jump to Prerequisites.
Back to Top

List IconIn this Article

Notebook IconLearn More

Create a Windows Patch Policy

Still Have Questions?

If you cannot find an answer to your question in our FAQ, you can always contact us.

Submit a Case