Forum Discussion
Microsoft EPM Agent will not install.
I have configured my elevation settings and created an elevation rule:
They are assigned to a group with my test user as a member. EPM License has been assigned to the test user.
The endpoint targeted is running Windows 11 22H2 with June 5th updates:
My elevation settings policy has been successfully applied to the endpoint.
However I am still not showing my Elevation Rules being applied:
Also inside File Explorer at c:\program files\ I am not seeing the "Microsoft EPM Agent" directory:
The endpoint is checked in and I can run other Intune related services against it successfully:
This has been days now since I began this supposed simple task of elevating an app. I have read Microsoft's Documentation along with many other's "User Experience" articles and blogs.
My app still does not have the right click menu option "Run with Elevation". I must assume this will not happen until the Microsoft EPM Agent is installed on the endpoint and the rule is successfully applied.
Any help would be appreciated.
Jason
20 Replies
Did you by any chance read my blogs about MMP-C and what happens when the device is enrolled with EPM? As manually installing the epm agent wont do anything without the device being enrolled into the microsoft managed platform - cloud
This blog explains the first few steps in detail
https://call4cloud.nl/2023/06/the-infernal-mmp-c-discovery/
Of course you could also kick of the mmpc linked enrollment on your own with the use of the linked csp (do not use it in production)
https://call4cloud.nl/2023/04/i-killed-my-epmagent-enrollment-hung-her-on-a-meathook-and-now-i-have-a-three-picture-deal-at-mmpc/#part12
What domain are you using? as I know (and mentioned in the first blog I pointed out) that there was a small issue some time ago with k12 domains (which got resolved quickly..)Besides that... what is the dsregcmd /status output giving you ? I assume the device is adjoined succesfully and has a PRT?
Rudy, thank you for your reply.
I have read your blog, thank you for your work there.
Our domain is a .org
Here are some snippets of the dsregcmd output:
I have not forced the MMP-C enrollment. Perhaps I will attempt that next. The test device is in production but I am confident it has the required patches.Thank you again!
Jason- I would start by checking out the devicemanagement event logs, just like I showed in one of the blogs I mentioned. As those would certainly tell you or show you an error... If i have that error code/message we can probably solve (yeah we can 🙂 )
Attempting to run the task in task scheduler, "Schedule created by dm client for dual enrollment to Mmpc" shows result 0x8018000B (Device not enrolled).
After attempting to install the EPM Agent manually the logs show the follow:
