Forum Discussion
Endpoint privilege management, deployment unsuccessful with "device health monitoring" error
Hello all, I'm testing Endpoint privilege management on a few machines in a test environment. The elevation settings policy isn't deploying when "send data to microsoft" is selected, the error receiv...
So folks, I think I have cracked this! My mistake was that I had created elevation rules based off Windows 10 file (regedit and PowerShell in my case), while I was targeting to Windows 11 endpoints 😞 . ONce I updated the rules with Windows 11 version of files- it took a few policy refreshes for the elevation policy as well as rules to kick in, and magically the EPM components got installed 🙂 One would think that the elevation policy would still apply even with an invalid elevation rule, but not the case until I fixed the elevation rules. All that stuff about 'invalid endpoint URL' was bogus it seems like. Other notes: I enabled diagnostics and reporting after I verified everything was working, and that too is functional now (at least no errors) although still awaiting reports since apparently there is a 24 hour delay 'by design'. Also make sure to assign the 'Intune Suite license' to the targeted users (not sure if that is impactful but logically it would make sense to do so). Good luck.
FishingNotPhishing
Microsoft
MicrosoftI am skeptical that the actual rule contents had any effect on getting the agent installed. The contents are not inspected in this way. It's more likely that updating the rules (any update at all) triggered something that was stuck, which caused the new policy to get sent to the device. Having policy targeted to the device is what triggers the agent to be installed for the first time.
- Yep plus 1… as the mmpc enrollment is different then the elevation policies :)… and the device didnt even got mmpc enrolled… so i still stick to the invalid endpoint error that got fixed yesterday… i whish i could explain the error and the fix but nda all the way 🙂
