cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

InTune Management Extension Service Problem!

chillidave19
Copper Contributor

‎Oct 31 2019 03:43 AM

‎Oct 31 2019 03:43 AM

InTune Management Extension Service Problem!

Hello Community!

 

I am currently working on an onboarding exercise for my Windows 10 device fleet, moving them away from an unmanaged, ad-hoc deployment, to an AAD/InTune managed deployment. My scenario is:

 

> ~1,000 unmanaged Windows 10 devices

> Enrollment into InTune is done automatically once the user joins AAD (via Settings App > Accounts  Work/School Account)

> This is pure AAD/InTune, no hybrid/on-prem AD involvement

 

On my test machine (which is a brand new Windows 10 1903 install, I log in as the first admin user (local), connect it to Azure AD, see it pop up in InTune (as managed by MDM) and my configuration profiles and applications that are scoped to the Azure AD security group - so that allworks fine.

 

However, I cannot get my PowerShell script to deploy. After reading many, many, manyyyy blogs, forum posts, MS Docs, I am now very aware that for InTune to deploy PS scripts, that the InTune Management Extenstion needs to be present. So I started looking down that track.

 

On this machine, I cannot see any reference of the IME in Program Files, ProgramData, Start Menu, Programs/Features ..... basically it seems as if it hasn't installed. However, looking in the registry (HKLM\Software\Microsoft\EnterpriseDesktopAppManagement\<SID>\MSI\<GUID>, I am seeing Status as 70, which according to other reading, imnplies that the agent is installed and enforcement is on. (Screenshot 1)

 

On the same machine, I have tried to install the InTuneWindowsAgent.msi. The installation completes, but then uninstalls itself after a matter of seconds.

 

A few more side notes:

> The VM which I'm using to test on is Win 10 1903

> It has been running for a few days, so should be plenty of time for InTune to do whatever it needs to do

> The PowerShell script runs fine when executed locally

> The script withi InTune is assigned to an AAD Security Group which contains users

> The are no installation errors within Event Log relating to WIndows being able to install the Extension (Screenshot 2). I do see successful MSI install logs (1901, 1904, 1905, 1906, 1920 with 1922 being the final success)

 

Any help would be greatly appreciated!

 

Cheers,

Dave

 

Preview file
108 KB
Preview file
64 KB
5,310 Views
0 Likes
1 Reply
Reply
1 Reply
Vinod7

‎Oct 31 2019 01:56 PM

‎Oct 31 2019 01:56 PM

Re: InTune Management Extension Service Problem!

@chillidave19 Did you try to create CNAME in your DNS ?

0 Likes
Reply