Support

Usage guide: Intune client continuity

This page outlines various ways to use the pack, including use case examples.

Administrators can refer to the Configuration guide: Intune client continuity to set up and customize the installed content.

The Intune client continuity library pack enables EUC teams to:

  • Identify common Intune client issues

  • Automatically apply fixes for the most common Intune client issues

  • Report the cases where automatic fixes were not available or where these fixes did not help through the ITSM ticket.

Library pack uses

Jump to Use cases on this page to see relevant scenario applications.

Use the library pack content for the following purposes.

Visibility

The Intune client continuity is the starting point for this library pack. This automated workflow performs checks and self-healing actions to ensure Intune client compliance, resolving common issues and creating ITSM tickets for unresolved ones, allowing support teams to focus on more critical problems.

Use cases

This section describes the key part of this workflow, which identifies the health of the Intune client's key components, applies the remediation to bring the client to a working state, and then verifies its synchronization and compliance status.

Check Intune enrollment, and compliance

  1. The device's Intune enrollment state is checked directly through a Graph API connection

  2. If the device is not enrolled, then workflow terminates.

  3. If the device is enrolled correctly, the workflow checks the status of Intune client synchronization with a Get Intune synchronization status remote action.

  1. If the synchronization status is healthy, the workflow checks the device's Intune compliance status.

  2. If compliant, the workflow terminates.

  3. If not compliant, the workflow will next force the Intune client to sync policies. This is covered in Step 10 here.

Intune synchronization troubleshooting

  1. If the synchronization status is not healthy, the remote action 'Get Intune device status' is run on the device.

  2. The first check is whether the IME service is detected.

  3. If not, a diagnostics check is made on the device and an ITSM ticket is logged, this is explained here.

  4. If detected, the next check is whether the IME service is running.

  1. If the IME service is not running, the remote action 'Configure IME service' is run on the device, and the workflow moves to step 9.

  2. If the IME service is running, the workflow checks whether an MDM certificate is present on the device.

  3. If not present a diagnostics check is made on the device and an ITSM ticket is logged, this is explained here.

  4. If an MDM certificate is present, the certificate's validity is checked.

  5. If the MDM certificate is not valid, a diagnostics check is made on the device and an ITSM ticket is logged, this is explained here.

  6. If the certificate is valid, the Intune DmWapPushService is restarted using the 'Restart Intune service' remote action.

  7. The next step is to force the Intune client to sync policies, using the remote action 'Invoke Intune policy sync'.

  8. The workflow will now pause for 5 minutes to allow the synchronization process to complete.

The last section of the workflow repeats the synchronization and diagnostic checks already performed to confirm that the self-help process has completed successfully.

Create diagnostics reports for devices with synchronization issues

  1. If the synchronization process is still failing, the remote action 'Execute Intune diagnostics script' is run to collect diagnostics data

  2. This is then written to an ITSM ticket.

Create diagnostics reports for non-compliant devices

  1. If the device is now synchronized with Intune, it is checked to make sure it is compliant with Intune policies.

  2. If the device is non-compliant the remote action 'Execute Intune diagnostics script' is run to collect diagnostics data.

  3. This is then written to an ITSM ticket.

RELATED TOPICS

Last updated

Was this helpful?