Forum Discussion
Endpoint privilege management, deployment unsuccessful with "device health monitoring" error
Hello all, I'm testing Endpoint privilege management on a few machines in a test environment. The elevation settings policy isn't deploying when "send data to microsoft" is selected, the error received mentions an "Allow Device Health Monitoring" error, but that settings is correctly deployed via configuration profiles. Also can't find any info about that in the logs.
If I deselect "send data to microsoft" then the policy is deployed successfully, but in reality the app is not installed on the target devices (so no right click options about EPM). Anyone facing the same issue, and what steps could we try to fix it?
- lgilbert907Copper Contributor
+1 Guess I'll come back in a few weeks.
- dye_luckyCopper ContributorIt's sad, but yeah, I think we will need to wait. So far, I've seen this work or not work with no rhyme or reason....I've AutoPiloted 2 PC's recently and was enabled, but the other one didn't...
- Friedrich GrosseibelCopper Contributor
MaxMorsia I also do not seem to get this working on any of my ARM64 based devices like the Surface Pro X or Surface Pro 9 LTE.
On Intel devices it seems to work.- FishingNotPhishingMicrosoftARM64 devices are not yet supported.
- Friedrich GrosseibelCopper Contributor
FishingNotPhishing I know that it is like this, but I wasn't able to find a documentation entry. Can you link were you found that information please?
- dye_luckyCopper Contributor
*UPDATE* seemed to work perfectly on my Intel device [Dell]. 🫤
- ZtdidCopper ContributorThe exact same issue is occuring on my Dell 3310 laptops.
- hahluwaliaCopper ContributorSame issues in my tenant.
- ZtdidCopper ContributorI even went into the settings catalog and there is a setting called Device Health, I pushed that to my device with the same reults.
- I assume you arent blocking telemetry? AllowTelemetry
SOFTWARE\Policies\Microsoft\Windows\DataCollection
And this service isnt disabled?
Connected User Experience and Telemetry.
What does this reg key tells you?
HKEY_LOCAL_MACHINE\software\microsoft\policymanager\current\device\DeviceHealthMonitoring- ZtdidCopper ContributorConnected User Experience and Telemetry is running
SOFTWARE\Policies\Microsoft\Windows\DataCollection I see this key Allow Telementary Policy Manager value 3
HKEY_LOCAL_MACHINE\software\microsoft\policymanager\current\device\DeviceHealthMonitoring I see 12 keys , do you have keys to refernce to see if the values are correct?- Clay_TaylorMicrosoft
- MaxMorsiaBrass Contributor
Hi,
regarding the first nest, AllowTelemetry_PolicyManager is = 1
same goes for AllowDeviceHealthMonitoring (=1) under HKEY_LOCAL_MACHINE\software\microsoft\policymanager\current\device\DeviceHealthMonitoring. Service "Connected User Experience and Telemetry" is running.
- What happpens when kickstarting the enrollment by using the csp that initializes the enrollment?
- MaxMorsiaBrass Contributor
Sorry, I'm not following you. Isn't the CSP already the policy deploying the settings?
- MaxMorsiaBrass ContributorSomething changed this morning. Now the impacted devices are "not applicable". No more failure...
- Ashok1996Copper ContributorI am also getting same issue what will be exact solution to resolve this issue
- sammyvvvCopper Contributor
has anyone had any joy with this ?also having the same issue..
- MaxMorsiaBrass ContributorHave you installed KB5023773 on Win 10 or is Win 11 on 22h2? After that my deployment was successful, though there are still some glitches (same error on "device health" for some devices, but the whole contraption seems to work)
- iainfmCopper Contributor
I'm having the same issue. EPM deploys and works on some machines, but not others even though they're the same version (22H2 22621.1555) and have the latest updates.
If I try to install KB5023774 I get an error saying "The update is not applicable for your computer".