Forum Discussion
Win10 Hybrid AD Joined Computers Unable to install apps from Company Portal
All of our Windows 10 machines are unable to install any application from the Intune Company Portal. When trying to install an application from Company Portal, it almost immediately says "it's taking a little longer than usual to install this app. Try to install it again" and then presents a Retry button. .MSI, Windows Store for Business, and even the Microsoft-created Office and new Edge packages all do the same thing. Also doesn't matter if application is set as required install or just made available in Intune Portal.
All our Windows machines are Hybrid AD joined to Azure AD and enrolled in Intune via GPO. They show up as "compliant" in the device management portal and do get updated config/compliance policies. The devices don't show as requesting the application for install when you look at the Intune portal either.
Event Viewer logs in Applications > Windows > DeviceManagement-Enterprise-Diagnostics-Provider show several error entries like the below:
"MDM ConfigurationManager: Command failure status. Configuration Source ID: (CCADB38D-B155-4CAA-820F-52B368E2EEE4), Enrollment Name: (MDMDeviceWithAAD), Provider Name: (Policy), Command Type: (Add: from Replace or Add), CSP URI: (./Device/Vendor/MSFT/Policy/ConfigOperations/ADMXInstall/Receiver/Properties/Policy/FakePolicy/Version), Result: (The system cannot find the file specified.)."
and:
"MDM PolicyManager: Set policy int, Policy: (RequireRetrieveHealthCertificateOnBoot), Area: (Security), EnrollmentID requesting set: (CCADB38D-B155-4CAA-820F-52B368E2EEE4), Current User: (Device), Int: (0x1), Enrollment Type: (0x6), Scope: (0x0), Result:(0x80004005) Unspecified error."
Any thoughts on how to resolve and get our applications back to installing? Even setting up blank, new machines and enrolling yields the same errors.
- Moe_KinaniBronze ContributorWhat version of Windows are you using?
Moe- tatesethCopper ContributorHi Moe. We are all on 2004.
- Thijs LecomteBronze ContributorDo you have SCCM configured in your environment?
tateseth The Fakepolicy event can be ignored. Don`t know exactly why the event is logged, but MS support confirmed there is no issue when you see the event.
When deploying win32 apps have a look at this log file C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log
It logs everything related to the app deployments when using win32 app deployment, but also Edge should be logged in this file.- tatesethCopper Contributor
PKlapwijkI don’t have any Win32 apps that I packaged myself. We are only trying to push/make available MSI installers and Windows Store for Business apps in addition to the Microsoft-provided Office and Edge bundles. None of them install on any Windows 10 machine - leaving manual install the only option for us to get by. When we were troubleshooting, the management extension didn’t even create any logs until a couple of days ago and this has been going on for almost 2 months. All seems related to to the Company Portal.
tateseth The recommended way to go for installing LOB apps is win32, even if these are MSI files.
Win32 provides more control and better logging. I recommend to at least wrap one MSI into win32 package to test. As far as I know MSI isn`t tracked (anymore) during ESP.
The Intune management extension only handles win32 apps and PowerShell scripts, that is probably the reason you don`t see logging.
- NicklasAhlbergBrass ContributorHello, do you still have this issue? This could be related to conditional access policy and MFA.
//Nicklas- tatesethCopper ContributorHi, Not experiencing this issue anymore. Microsoft fixed/addressed something on their end and we were able to deploy apps again. No changes to MFA or conditional access required on my side. Thanks.