# Configuration guide: Intune client continuity

{% hint style="warning" %}
The configuration options on this page are only accessible to [administrators](https://docs.nexthink.com/platform/user-guide/administration/account-management/roles#roles-administration).

Refer to the [Usage guide template: Intune client continuity](https://docs.nexthink.com/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity/usage-guide-intune-client-continuity) to use library content as a standard user.
{% endhint %}

## Pre-requisites <a href="#configurationguide-hardresettroubleshooting-pre-requisites" id="configurationguide-hardresettroubleshooting-pre-requisites"></a>

This library pack contains content from the following [expansion products](https://nexthink.gitbook.io/opd/overview/products).

* [Flow - Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows)

## Content list and dependency <a href="#configurationguide-hardresettroubleshooting-contentlistanddependency" id="configurationguide-hardresettroubleshooting-contentlistanddependency"></a>

This library pack contains the following content and dependencies:

| Type                                                                        | Name                                 | Description                                                                                                                                                 |
| --------------------------------------------------------------------------- | ------------------------------------ | ----------------------------------------------------------------------------------------------------------------------------------------------------------- |
| [Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows)           | Intune client continuity             | The workflow performs checks and self-healing actions to ensure Intune client compliance, resolve common issues and create ITSM tickets for unresolved ones |
| [Remote Actions](https://nexthink.gitbook.io/opd/user-guide/remote-actions) | Get Intune synchronization status    | Helps to identify any issues with policy synchronization or problems applying policy.                                                                       |
|                                                                             | Get Intune device status             | Helps to understand the health of Intune-managed devices, and identify any issues with device enrollment.                                                   |
|                                                                             | Set service information              | Changes the status and startup type of one or multiple services, which are provided as input.                                                               |
|                                                                             | Restart service                      | Restarts the service except if it is in the blacklist.                                                                                                      |
|                                                                             | Invoke Intune policy synchronization | Searches for the "PushLaunch" scheduled task created automatically by Intune and forces the start of the task forcing the policy synchronization.           |
|                                                                             | Get Intune client disgnostics        | Creates a copy of the MDM logs within the folder "c:\users\public\documents" on a local device.                                                             |
|                                                                             | Intune policy refresh                | Renew enrollment and force a sync of macOS devices into Intune                                                                                              |

## Configuration guide <a href="#configurationguide-hardresettroubleshooting-configurationguide" id="configurationguide-hardresettroubleshooting-configurationguide"></a>

{% hint style="info" %}
Adapt these suggested configuration steps to edit and customize content according to your organizational needs.
{% endhint %}

Follow these steps to install and configure content:

* Before configuration - Install library pack content from [Nexthink Library](https://docs.nexthink.com/platform/latest/library)
* Step 1 - Confiure a GraphAPI connector
* Step 2 - Configure ITSM API connector credentials
* Step 3 - Configure remote action(s)
* Step 4 - Schedule the workflow

### Step 1 - Configure a GraphAPI connector <a href="#configurationguide-hardresettroubleshooting-step6-scheduletheworkflow" id="configurationguide-hardresettroubleshooting-step6-scheduletheworkflow"></a>

This workflow uses an Intune connector, which relies on a Microsoft GraphAPI connector, to retrieve Intune status information directly for the target device.

Refer to [Entra ID integration for workflows](https://docs.nexthink.com/library/entra-id-integration-for-workflows) to configure the appropriate connector credentials in Nexthink.

Refer to the [Graph REST API](https://learn.microsoft.com/en-us/graph/api/overview?view=graph-rest-1.0) documentation from Microsoft for more information.

### Step 2 - Configure ITSM API connector credentials <a href="#configurationguide-hardresettroubleshooting-step2-configureitsmapiconnectorcredentials" id="configurationguide-hardresettroubleshooting-step2-configureitsmapiconnectorcredentials"></a>

The configuration of connector credentials is essential for enabling API calls. Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library. See detailed information in the [documentation](https://docs.nexthink.com/latest/integrations/outbound-connectors/connector-credentials).

ServiceNow actions can be created using the built-in ServiceNow connector. More information about the ServiceNow Incident Management connector can be found in the [documentation](https://docs.nexthink.com/platform/user-guide/workflows/creating-workflows/configuring-connector-thinklet/servicenow-incident-management).

### Step 3 - Configure remote action(s) <a href="#configurationguide-hardresettroubleshooting-step4-configureremoteaction-s" id="configurationguide-hardresettroubleshooting-step4-configureremoteaction-s"></a>

This workflow uses the following remote actions. Make sure to install the latest versions and complete the setup as below.

<table><thead><tr><th width="244">Name</th><th width="193">Trigger</th><th>Parameters to edit</th></tr></thead><tbody><tr><td>Set service information</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><p>The following RA input parameters must be configured:</p><ul><li>ServiceName: IntuneManagementExtension</li><li>StatusChange: start</li><li>SetSrartTypeTo: auto</li></ul></td></tr><tr><td>Restart service</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><ul><li>ServiceName: DmWapPushService</li></ul></td></tr><tr><td>Intune policy refresh</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td><p>The following RA input parameters must be configured:</p><ul><li>Action: renew</li><li>Action: check (optional)</li><li>campaign_id: invoke_intune_profile_renewal</li></ul></td></tr><tr><td>Get Intune device status</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Invoke Intune policy synchronization</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Get intune client diagnostics</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr><tr><td>Get Intune synchronization status</td><td>API trigger should be enabled so that it can be triggered from the Workflow</td><td>None</td></tr></tbody></table>

### Step 4 - Schedule the workflow

This is an event-triggered workflow designed to run after a hardware reset punctual event is detected using NQL.

**Recommended trigger configuration**

Select the Scheduled trigger type and configure the event trigger as shown below.

**NQL:**

{% code title="Code" %}

```
1 devices during past 7d
2 | where operating_system.name !in ["*server*"]
```

{% endcode %}

**Recurrence:** Weekly - select at least one day.

***

RELATED TOPICS

* [Manage Workflows](https://nexthink.gitbook.io/opd/user-guide/workflows/managing-workflows)
* [Manage Remote Actions](https://nexthink.gitbook.io/opd/user-guide/remote-actions/managing-remote-actions)
* [Workflow: Intune client continuity](https://docs.nexthink.com/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity)
* [Usage guide: Intune client continuity](https://docs.nexthink.com/platform/library-packs/security-and-compliance/workflow_-intune-client-continuity/usage-guide-intune-client-continuity)