Excellent @Rahul Jindal [MVP]
Now it makes sense to me and we can close this thread.
Intune push the same policy/script again
I got one interesting point, if anybody can help me break the ice.
As we know, Intune will only push the deltas.
I am assigning one PowerShell script S1 to do one simple registry change.
The next day I am sending another script S2 to reverse that change.
Now if I want to send the original S1 one more time, it is not happening (even though I hit the SYNC button on Intune) as S1 was already assigned and successfully applied to that user.
Any trick to instrument Intune to send S1?
Is there anything like forcefully sending a policy/script to the device?
Thanks.
-
Chirag shah 191 Reputation points
2021-09-29T15:31:44.84+00:00
-
Rahul Jindal [MVP] 9,151 Reputation points MVP
2021-09-25T06:06:25.303+00:00
The script from Intune will not re-run by itself if it has already run successfully. The easiest way to make it re-run is by making a change in the policy of some sort. Just rename the script to something else and upload it again. Intune will see this as a new policy and then execute it again on endpoints. I normally use versioning in the script to control the execution. Example: v1.0, v1.1.
-
Chirag shah 191 Reputation points
2021-09-25T13:57:34.87+00:00
@Rahul Jindal [MVP] thanks for your answer, it totally makes sense.
I will try to see if adding a description etc. can trigger it.
On that note, I have one point to confirm.
As a script is a one-time deployment, are the configuration profiles also a one-time deployment?
Thanks.
-
Chirag shah 191 Reputation points
2021-09-25T15:27:58.2+00:00
What I meant by description is, when you configure a script in Intune, you also give some description of the script (there is a field for it).
I was under the impression that if I make any change like that, it will trigger the push again.
Anyway, the more important point is the "configuration policies".
Yes, I agree that if I modify any setting in the policy, the whole policy will trigger.
But that is exactly the same as the script.
As you cannot re-run the script, you cannot re-push the configuration.
I was hoping that Intune might give some explicit, forceful sync-up switch for the Intune admin to push any particular policy if/when needed (even if the policy was successfully assigned previously).
Maybe some local admin made some out-of-band change to test something on the device and voided the config policy.
Now we want to push the policy to take the control back.
Thanks.
-
Rahul Jindal [MVP] 9,151 Reputation points MVP
2021-09-25T22:15:29.227+00:00
Scripts don’t re-run unless you update the script itself. Changing the description against the script will also not result in re-running of the script.
The device configuration policies are evaluated every 8 hours. If a local admin does change something, the setting under the MDM policy will fall out of compliance and during a scheduled re-evaluation, the managed setting will again get applied. I hope this clears things.
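
As an added example (not part of the original thread and not Microsoft's code), here is one way S1 could be written so that the versioned re-upload described in the first answer re-applies the registry change cleanly and records which version last ran. The key path, value names and data are hypothetical placeholders.

```powershell
# S1, written to be safe to re-run. Bump $ScriptVersion and upload the file under
# a new name (for example S1_v1.1.ps1) so Intune treats it as a new script.
# ASSUMPTION: key path, value names and data below are placeholders for illustration.
$ScriptVersion = '1.1'
$KeyPath       = 'HKLM:\SOFTWARE\Contoso\Demo'   # hypothetical key
$ValueName     = 'FeatureEnabled'                # hypothetical value
$Desired       = 1
$StampName     = 'AppliedScriptVersion'          # hypothetical marker value

try {
    # Create the key if a previous script or a local admin removed it.
    if (-not (Test-Path -Path $KeyPath)) {
        New-Item -Path $KeyPath -Force | Out-Null
    }

    # Read the current state; both properties are $null when the value is missing.
    $props   = Get-ItemProperty -Path $KeyPath -ErrorAction Stop
    $current = $props.$ValueName
    $stamp   = $props.$StampName

    if ($current -ne $Desired) {
        # Drift (S2 reversed the change, or someone edited it locally): re-apply.
        Set-ItemProperty -Path $KeyPath -Name $ValueName -Value $Desired -Type DWord -ErrorAction Stop
        Write-Output "v${ScriptVersion}: '$ValueName' was '$current', set to $Desired (last applied version: '$stamp')"
    }
    else {
        Write-Output "v${ScriptVersion}: '$ValueName' already $Desired, nothing to change"
    }

    # Record which version of the script last ran on this device.
    Set-ItemProperty -Path $KeyPath -Name $StampName -Value $ScriptVersion -Type String -ErrorAction Stop
    exit 0
}
catch {
    # A non-zero exit code marks the run as failed instead of silently succeeding.
    Write-Error "v${ScriptVersion}: failed to enforce '$ValueName': $_"
    exit 1
}
```

The version marker left in the registry lets you confirm on a device which upload actually executed, which helps when S1, S2 and a re-uploaded S1 have all been assigned in sequence.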