question

ashisharya65 avatar image
0 Votes"
ashisharya65 asked DavidForeman-0086 commented

How we can we force the PS script on Intune to rerun

Hi Team,

Please help here ---

I am pushing a PS script to Intune machines on my tenant to change the Ethernet network adapter's network category from Public to private. This is to turn off the VPN automatically when the machine is on an Ethernet network.

For some reason, the script is getting failed for scenarios when the machines are not on LAN and connected to Wifi and when the machines gets to LAN, so the VPN does not turned off automatically.

Is there a way to resolve this issue?

mem-intune-graph
· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

I have prepared scripts for a client with the intent that each time a staff member logs in to a new device the script would kick off. I have found this is not the case. Seems the only way is to create a new script (or edit an existing one). This defeats the purpose of the script.

0 Votes 0 ·
CiciWu2-MSFT avatar image
0 Votes"
CiciWu2-MSFT answered jtsfvieira rolled back

Please understand that the Intune management extension agent checks with Intune once every hour and after every reboot for any new scripts or changes. After you assign the policy to the Azure AD groups, the PowerShell script runs, and the run results are reported. Once the script executes, it doesn't execute again unless there's a change in the script or policy. If the script fails, the Intune management extension agent retries the script three times for the next three consecutive Intune management extension agent check-ins.

If you want to force run the script, you can restart the IntuneManagementExtension service in task manager and and the script will rerun again on this device. Also, a restart on the device or restart service triggers the script. Here is a good sample:
https://oliverkieselbach.com/2018/02/12/part-2-deep-dive-microsoft-intune-management-extension-powershell-scripts/

If you want scripts to run multiple times for a user, you'll need to deploy a method of removing the key, reassigning the script or scheduling it as a task.
Reference: https://docs.microsoft.com/en-us/mem/intune/apps/intune-management-extension

If the response is helpful, please click "Accept Answer" and upvote it.
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.


· 1
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Is there any justification for this change?

Before:
"The Intune management extension agent checks with Intune once every hour and after every reboot for any new scripts or
changes."

Now:
"The Intune management extension agent checks after every reboot for any new scripts or changes."

https://docs.microsoft.com/en-us/mem/intune/apps/intune-management-extension#before-you-begin


0 Votes 0 ·
yannara avatar image
0 Votes"
yannara answered

It is enough to re-add the script file into the script policy and it will re-execute it (for all devices).

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

PaulAustin-4556 avatar image
0 Votes"
PaulAustin-4556 answered AdminJoe-1170 published

Intune could be improved dramatically with one simple change.

If you go into Microsoft Company Portal and click the Sync button in settings it would go off, check in and run any updates that need to be run.

The current cycle of wait a random amount of time to see if the changes you made to a script, setting or new app to be installed isn't very productive for Administrators doing new things.

· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Indeed. This really slows down development and end to end testing before deploying to a production environment. An "Immediate" push option for individual devices would really help.

This is a major complaint I have about syncing devices and changes in Endpoint. The wait can be quite painful, I have seen it take many hours to push a change to a device.

1 Vote 1 ·

Agree!

0 Votes 0 ·

Completely agree with this sentiment

0 Votes 0 ·

I totally agree. Given that nearly all of the AD Group Policy Preferences functionality has moved to PowerShell scripts in InTune, having the equivalent functionality and immediacy as AD would also be an attractive feature to both hybrid and cloud native users who manage their Endpoints with InTune.

0 Votes 0 ·

I have to agree ENTIRELY. This is such a basic function, and one that should be as easy to implement as it is common-sensical.

0 Votes 0 ·