Intune managed test VM - last scan time way back in November

Bojan Zivkovic 436 Reputation points
2021-02-08T09:11:32.023+00:00

Hi, I have a test VM being co-managed by MECM & Intune with Windows 10 updates workload being managed by Intune. However I always see this last scan time no matter what I try on troublesome machine.

65310-image.png

How to troubleshoot this? On other test machine (although physical) last scan time is from this morning.

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,365 questions
0 comments

9 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Lu Dai-MSFT 28,356 Reputation points
    2021-02-09T02:47:50.507+00:00

    @Bojan Zivkovic Thanks for posting in our Q&A.

    For this issue, we appreciate your help to check if the setting "Option to check for Windows updates" in Windows 10 update rings is "enable".

    At the same time, we suggest to try to click "Check for update" in settings > Update&Security > Windows Update and sync the device in settings > Accounts > Access work or school. Then we could see if the last scan time will change in intune portal.

    If there is anything unclear, feel free to let us know.

    If the response is helpful, please click "Accept Answer" and upvote it.
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments
  2. Bojan Zivkovic 436 Reputation points
    2021-02-10T10:39:14.943+00:00

    I noticed some issues with AAD account - having fixed that I ran update manually/rebooted/sync but still same in the portal - last scan time 11/24/20. Regarding settings here they are:

    66395-image.png

  3. Bojan Zivkovic 436 Reputation points
    2021-02-19T18:26:17.66+00:00

    We are using Configuration Manager 2010 Software Update Point which, of course, leverages WSUS. However I though moving workload to Intune for pilot collection would be flawless.

  4. Bojan Zivkovic 436 Reputation points
    2021-03-05T09:51:38.817+00:00

    Sorry for a break from last post - yesterday I noticed last scan time 9th of February for troublesome machine. Having logged there I ran scan manually (it says automatic updates are turned off in your company - probably some GPO in place), installed updates and rebooted machine. What I found later is even more odd - other machine without issues before now is not displayed at all in End user update status, while troublesome machine is still displayed with Pending updates status and last scan time 9th of February. As last resort I again rebooted both machines but with same outcome. Wrong information, high latency, unexpected behavior ... I hesitate to start enrollment of production Windows 10 machines to Intune and move some workload from MECM to Intune.

  5. Bojan Zivkovic 436 Reputation points
    2021-03-08T12:39:56.927+00:00

    Ok, one final thing - if client is co-managed and Windows Update policies workload has been moved to Intune does it mean client should ALWAYS go to the Internet to sync/download updates meaning it has nothing to do with MECM's WSUS it used previously before workload move? Whole concept of co-management is not well explained in details - since we plan to move Windows Updates/Endpoint Protection workloads to Intune some good documentation would be priceless. I guess then Defender AV definition updates are also downloaded from the Internet.

    0 comments