4 Most common Issues while registering devices with Microsoft Intune MDM

 The built-in Mobile Device Management (MDM) for Office 365 helps you secure and manage your users' mobile devices like iPhones, iPads, Androids, and Windows phones. You can create and manage device security policies, remotely wipe a device, and view detailed device reports.

During implementation or deployment, there are some common issues which occur in many of the environment 

1-   Windows Update

Sometimes you will notice that Windows Update is showing-Up-To-Date but in actual, the version needed for the MDM Registration is not updating automatically and eventually fails every time in the loop

Solution Suggested

  • Go to this link upgrade your Windows 10 to the latest version
  • You will find a home page like the screenshot below. Click on UPDATE Now button. It will download a .exe file. Run the file and click on UPDATE Now button and press YES.
No alt text provided for this image
  • Here it will update your Windows 10 to the Latest Version

Note: You can still work during downloading and installation of the update. You must have to restart the system But make sure this thing that your laptop should have enough battery or in case of system you should have a proper power supply 

2. Windows Firewall

You may face this issue that once you have registered with MDM (Azure Intune), your system Virus protection or Windows Firewall stopped

Solution Suggested

  • Type WINKEY + R
  • Type Regedit
  • Then navigate to the following path

Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows Defender

  • Right click on “DisableAntiSpyware” and modify the value from whatever (1) o “0” as given Below
No alt text provided for this image
  • Then go to the Windows Defender Security
  •  Enable Firewall and Network Protection
  • Click on Restart Button
No alt text provided for this image

3. Device Shows Not evaluated

This is a very common problem people face where Device Shows the status “Not Evaluated” even after successfully registering the Device with MDM. This could be an issue that either a previous Intune Agent running on this device or any 3rd party agent installed which is resisting this system or device to change the status

If you want to check that if any previous version of Intune Registered with Azure AD or want to check if any Antivirus Installed in the system then you should see the below steps

Solution Suggested

Uninstall all pre-installed end-point-securities or Antivirus software if any.

  • If you see Intune installed but you cannot see the program installed in App Control panel.
  • How to remove/check previously installed Intune endpoint security using Command Prompt.

a.      Open “Command Prompt” with Run as Administrator

b.      Change the Directory to C:\Program Files\Microsoft\OnlineManagement\Common

c.      If you see the file “exe“not there means there are no Intune installation history. No need to follow the remaining steps.

d.      Collect the service ID value from Registry

HKLM\SOFTWARE\Microsoft\OnlineManagement

e.      Run the command: exe /UninstallClient /ServiceId “{<service ID>}” /TaskName “tempTask” /SubEventId 16

4. License

This thing is very easy to do but finding this problem is really a great fuss because the technical person will do everything to resolve issue except to check if he has assigned the proper license to the group of users or not.

Solution Suggested

So, people will face the issue where the devices are registered with AAD and Intune, but still, it will show the status of “Not Compliant” that’s due to not assignation of proper EMS License.

Thanks for reading this article, for more stay tuned !!!!

Comments

Post a Comment

Popular posts from this blog

Managing Windows Updates with Intune: Best Practices with Update Rings

Image
  Keeping Windows devices up to date is one of the most critical, and often most overlooked, aspects of endpoint security. With Microsoft Intune, you can manage Windows updates centrally using Update Rings , giving you control over when updates install, how users experience restarts, and how you test updates before broad deployment. In this guide, I’ll walk you through: What update rings are Why they’re essential for patch compliance How to configure them in Intune Best practices for rollout and user experience 1. What Are Windows Update Rings in Intune? Update rings in Intune allow you to: Define when and how Windows updates are delivered Set deadlines for installation and restarts Delay feature updates (e.g., to test before production) Control user experience during updates They apply to Windows 10 and 11 devices enrolled in Intune, including those provisioned via Autopilot. 2. Why Update Management Matters Without structured update management, you risk: Devices missing crit...
Read more

The Intune Device Lifecycle: From Onboarding to Retirement (Best Practices)

  Managing endpoints isn’t just about deployment, it’s about handling the entire device lifecycle : from onboarding and day-to-day management to secure deprovisioning when a device is no longer in use. Microsoft Intune provides a streamlined, policy-driven approach to each phase of this lifecycle, and when done right, it reduces IT overhead, increases security, and improves the user experience. In this post, I’ll walk you through the key stages of managing a device in Intune from start to finish, and how to handle each one effectively. Stage 1: Provisioning & Onboarding This is where the device journey begins, and it sets the tone for everything that follows. Tools and features to use: Windows Autopilot for zero-touch setup Enrollment Status Page (ESP) to control setup sequence Dynamic groups to assign configurations automatically Baseline security policies (compliance, Defender, encryption) Goal: Make the first experience smooth, secure, and consistent for every user. Sta...
Read more