Configuration guide: Intune client continuity

Pre-requisites

This library pack contains content from the following expansion products.

Content list and dependency

This library pack contains the following content and dependencies:

Type
Name
Description

Intune client continuity

The workflow performs checks and self-healing actions to ensure Intune client compliance, resolve common issues and create ITSM tickets for unresolved ones

Get Intune synchronization status

Helps to identify any issues with policy synchronization or problems applying policy.

Get Intune device status

Helps to understand the health of Intune-managed devices, and identify any issues with device enrollment.

Set service information

Changes the status and startup type of one or multiple services, which are provided as input.

Restart service

Restarts the service except if it is in the blacklist.

Invoke Intune policy synchronization

Searches for the "PushLaunch" scheduled task created automatically by Intune and forces the start of the task forcing the policy synchronization.

Get Intune client disgnostics

Creates a copy of the MDM logs within the folder "c:\users\public\documents" on a local device.

Intune policy refresh

Renew enrollment and force a sync of macOS devices into Intune

Configuration guide

Adapt these suggested configuration steps to edit and customize content according to your organizational needs.

Follow these steps to install and configure content:

  • Before configuration - Install library pack content from Nexthink Library

  • Step 1 - Confiure a GraphAPI connector

  • Step 2 - Configure ITSM API connector credentials

  • Step 3 - Configure remote action(s)

  • Step 4 - Schedule the workflow

Step 1 - Configure a GraphAPI connector

This workflow uses an Intune connector, which relies on a Microsoft GraphAPI connector, to retrieve Intune status information directly for the target device.

Refer to Entra ID integration for workflows to configure the appropriate connector credentials in Nexthink.

Refer to the Graph REST API documentation from Microsoft for more information.

Step 2 - Configure ITSM API connector credentials

The configuration of connector credentials is essential for enabling API calls. Each Service/API thinklet has a dropdown field for credentials that needs to be filled out. When the workflow is installed or copied from the Library, this field will be blank as it is a local setup of each environment and is not included in the Library. See detailed information in the documentation.

ServiceNow actions can be created using the built-in ServiceNow connector. More information about the ServiceNow Incident Management connector can be found in the documentation.

Step 3 - Configure remote action(s)

This workflow uses the following remote actions. Make sure to install the latest versions and complete the setup as below.

Name
Trigger
Parameters to edit

Set service information

API trigger should be enabled so that it can be triggered from the Workflow

The following RA input parameters must be configured:

  • ServiceName: IntuneManagementExtension

  • StatusChange: start

  • SetSrartTypeTo: auto

Restart service

API trigger should be enabled so that it can be triggered from the Workflow

  • ServiceName: DmWapPushService

Intune policy refresh

API trigger should be enabled so that it can be triggered from the Workflow

The following RA input parameters must be configured:

  • Action: renew

  • Action: check (optional)

  • campaign_id: invoke_intune_profile_renewal

Get Intune device status

API trigger should be enabled so that it can be triggered from the Workflow

None

Invoke Intune policy synchronization

API trigger should be enabled so that it can be triggered from the Workflow

None

Get intune client diagnostics

API trigger should be enabled so that it can be triggered from the Workflow

None

Get Intune synchronization status

API trigger should be enabled so that it can be triggered from the Workflow

None

Step 4 - Schedule the workflow

This is an event-triggered workflow designed to run after a hardware reset punctual event is detected using NQL.

Recommended trigger configuration

Select the Scheduled trigger type and configure the event trigger as shown below.

NQL:

Code
1 devices during past 7d
2 | where operating_system.name !in ["*server*"]

Recurrence: Weekly - select at least one day.


RELATED TOPICS

Last updated

Was this helpful?