Intune - Health - Configuration Guide

Overview

Lack of visibility into device compliance can quickly escalate into devices not receiving vital operational functions. This not only leads to increased issues on employee endpoints but also puts the wider organization at risk.

 The Intune – Health library pack allows you to track, detect and remediate devices within your landscape that have issues with the health of the installed Intune client.

Key features allow you to:

• Identify devices that have the Intune client, the ConfigMgr client, or are co-managed by both services.

• Detect stability issues related to the Intune clients, including crashes or freezes of any version.

• Monitor Intune clients’ performance to ensure devices are not adversely affected

• Understand the agent deployment in co-management – SCCM and Intune – scenarios

 The L1\L2 support teams can use this pack to ensure device compliance across the landscape.

Pre-Requisites

None

Changelog

V1.0.0.0 - Initial Release

Configuration

Pack Structure

The pack comprises five Remote Actions, an investigation, a category, and some metrics related to the dashboards.

Category

A category, Intune - Cloud Services, lists the currently known cloud services used by Intune. It is important to regularly check via Microsoft help pages if these have changed or been added to in which case, the category will need to be updated to reflect the changes.

Remote Actions

There are two types of remote action; data gathering and remediation. All the remote actions can be scheduled to run at a time decided by the IT department. The data gathering remote actions will supply the current status of the services on devices as targeted by the investigation, while the remediation remote action will attempt to repair any issues discovered, such as stopped or disabled services.

You can find more details of how these remote actions work and how they can be configured on the configuration page.

Data gathering remote actions.

• Get Microsoft Intune Device Status

• Get SCCM Client Status

• Get Service Information

• InTune - Get-DeviceHardwareId

Remediation remote action

• Set Service Information

Library Pack Setup Detailed Steps

The investigations and remote actions require some configuration to get the most accurate data and enable the remediation to occur.

Investigations

• Intune - Health - All devices

  • This investigation is used within the Get Microsoft Intune Device Status, Get SCCM Client Status, and Get Service Information remote actions. The investigation returns all devices within the estate based on the defined criteria within the investigation.

Remote Actions - data gathering

• Get Microsoft Intune Device Status

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action can use the Intune - Health - All devices investigation supplied to interrogate all devices within the estate as to whether the Intune service agent is installed and running.

    

• Get SCCM Client Status

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the Intune - Health - All devices investigation to interrogate the devices defined within the investigation. The remote action returns the status of the ConfigMgr service (SCCM\MEM). You can find details of the remote action here: https://www.nexthink.com/library/microsoft-endpoint-manager-remote-actions/?searchReturn=memcm#get-sccm-client-status

• Get Service Information

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The remote action uses the Intune - Health - All devices investigation to interrogate the devices defined within the investigation. The remote action returns the status of the services defined within the remote action itself. For the purposes of the pack, the Intune service, IntuneManagementExtension, needs to be entered as the service name in order to be monitored. Details of the remote action can be found here: https://www.nexthink.com/library/windows-service-information/?searchReturn=windows%20service#get-service-information

• InTune - Get-DeviceHardwareId

  • This remote action generates a CSV file containing the Hardware ID of the target device. It is intended to help IT administrators obtain the Hardware ID required by Microsoft Autopilot to onboard existing Windows devices that are part of a migration plan to Microsoft Intune.

  • A network path to where the .csv files will be stored must be entered into the appropriate parameters files within the remote action.

  • 

    If the Remote Action is run on multiple devices simultaneously, a CSV file will be generated per device in the provided network path.

  • Microsoft Intune allows for the upload of a single .csv file at a time for device import. Uploading individual .csv files is obviously time-consuming and therefore when you have collected your desired .csv files (containing hardware ID) from devices, the following script can be executed in order to concatenate all individual .csv files into one single file. If for example, you have 1000 hardware ID .csv files containing hardware hashes, these 1000 files will be concatenated into rows in a single file.

  • A PowerShell script, CSVFileMerge.ps1 that helps with the merge of these .csv files has been provided to assist you. The script will need to be edited and the network path where the .csv files have been stored will need to be entered and the path of where you wish to have the merged output files saved to.

    

CSVFileMerge.ps1

Remote Actions - remediation

• Set Service Information

  • This remote action can be run either ad-hoc or on a schedule as defined by the IT department. The details of the service that needs to be remediated and its desired state are entered into the remote action. A single device can be targetted, or an investigation created to target several devices. Details of the remote action can be found here: https://www.nexthink.com/library/windows-service-information/#set-service-information