# Configuration guide: Intune client continuity

{% hint style="warning" %}
The configuration options on this page are only accessible to [administrators](https://docs.nexthink.com/platform/user-guide/administration/account-management/roles#roles-administration).

Refer to the [Usage guide template: Intune client continuity](/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity/usage-guide-intune-client-continuity.md) to use library content as a standard user.
{% endhint %}

## Pre-requisites <a href="#configurationguide-hardresettroubleshooting-pre-requisites" id="configurationguide-hardresettroubleshooting-pre-requisites"></a>

This library pack contains content from the following [expansion products](https://nexthink.gitbook.io/opd/overview/products).

* [Flow - Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows)

## Content list and dependency <a href="#configurationguide-hardresettroubleshooting-contentlistanddependency" id="configurationguide-hardresettroubleshooting-contentlistanddependency"></a>

This library pack contains the following content and dependencies:

| Type                                                                        | Name                                 | Description                                                                                                                                                 |
| --------------------------------------------------------------------------- | ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows)           | Intune client continuity             | The workflow performs checks and self-healing actions to ensure Intune client compliance, resolve common issues and create ITSM tickets for unresolved ones |
| [Remote Actions](https://nexthink.gitbook.io/opd/user-guide/remote-actions) | Get Intune synchronization status    | Helps to identify any issues with policy synchronization or problems applying policy.                                                                       |
|                                                                             | Get Intune device status             | Helps to understand the health of Intune-managed devices, and identify any issues with device enrollment.                                                   |
|                                                                             | Set service information              | Changes the status and startup type of one or multiple services, which are provided as input.                                                               |
|                                                                             | Restart service                      | Restarts the service except if it is in the blacklist.                                                                                                      |
|                                                                             | Invoke Intune policy synchronization | Searches for the "PushLaunch" scheduled task created automatically by Intune and forces the start of the task forcing the policy synchronization.           |
|                                                                             | Get Intune client disgnostics        | Creates a copy of the MDM logs within the folder "c:\users\public\documents" on a local device.                                                             |
|                                                                             | Intune policy refresh                | Renew enrollment and force a sync of macOS devices into Intune                                                                                              |

## Configuration guide <a href="#configurationguide-hardresettroubleshooting-configurationguide" id="configurationguide-hardresettroubleshooting-configurationguide"></a>

{% hint style="info" %}
Adapt these suggested configuration steps to edit and customize content according to your organizational needs.
{% endhint %}

Follow these steps to install and configure content:

* Before configuration - Install library pack content from [Nexthink Library](https://docs.nexthink.com/platform/latest/library)
* Step 1 - Confiure a GraphAPI connector
* Step 2 - Configure ITSM API connector credentials
* Step 3 - Configure remote action(s)
* Step 4 - Schedule the workflow

### Step 1 - Configure a GraphAPI connector <a href="#configurationguide-hardresettroubleshooting-step6-scheduletheworkflow" id="configurationguide-hardresettroubleshooting-step6-scheduletheworkflow"></a>

This workflow uses an Intune connector, which relies on a Microsoft GraphAPI connector, to retrieve Intune status information directly for the target device.

Refer to [Entra ID integration for workflows](https://docs.nexthink.com/library/entra-id-integration-for-workflows) to configure the appropriate connector credentials in Nexthink.

Refer to the [Graph REST API](https://learn.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0) documentation from Microsoft for more information.

### Step 2 - Configure ITSM API connector credentials <a href="#configurationguide-hardresettroubleshooting-step2-configureitsmapiconnectorcredentials" id="configurationguide-hardresettroubleshooting-step2-configureitsmapiconnectorcredentials"></a>

The configuration of connector credentials is essential for enabling API calls. Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library. See detailed information in the [documentation](https://docs.nexthink.com/latest/integrations/outbound-connectors/connector-credentials).

ServiceNow actions can be created using the built-in ServiceNow connector. More information about the ServiceNow Incident Management connector can be found in the [documentation](/platform/user-guide/workflows/creating-workflows/configuring-connector-thinklet/servicenow-incident-management.md).

### Step 3 - Configure remote action(s) <a href="#configurationguide-hardresettroubleshooting-step4-configureremoteaction-s" id="configurationguide-hardresettroubleshooting-step4-configureremoteaction-s"></a>

This workflow uses the following remote actions. Make sure to install the latest versions and complete the setup as below.

<table><thead><tr><th width="244">Name</th><th width="193">Trigger</th><th>Parameters to edit</th></tr></thead><tbody><tr><td>Set service information</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><p>The following RA input parameters must be configured:</p><ul><li>ServiceName: IntuneManagementExtension</li><li>StatusChange: start</li><li>SetSrartTypeTo: auto</li></ul></td></tr><tr><td>Restart service</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><ul><li>ServiceName: DmWapPushService</li></ul></td></tr><tr><td>Intune policy refresh</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><p>The following RA input parameters must be configured:</p><ul><li>Action: renew</li><li>Action: check (optional)</li><li>campaign_id: invoke_intune_profile_renewal</li></ul></td></tr><tr><td>Get Intune device status</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Invoke Intune policy synchronization</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Get intune client diagnostics</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Get Intune synchronization status</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr></tbody></table>

### Step 4 - Schedule the workflow

This is an event-triggered workflow designed to run after a hardware reset punctual event is detected using NQL.

**Recommended trigger configuration**

Select the Scheduled trigger type and configure the event trigger as shown below.

**NQL:**

{% code title="Code" %}

```
1 devices during past 7d
2 | where operating_system.name !in ["*server*"]
```

{% endcode %}

**Recurrence:** Weekly - select at least one day.

***

RELATED TOPICS

* [Manage Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows/managing-workflows)
* [Manage Remote Actions](https://nexthink.gitbook.io/opd/user-guide/remote-actions/managing-remote-actions)
* [Workflow: Intune client continuity](/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity.md)
* [Usage guide: Intune client continuity](/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity/usage-guide-intune-client-continuity.md)


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://docs.nexthink.com/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity/configuration-guide-intune-client-continuity.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.