Getting Started with Microsoft Intune Proactive Remediations

In this Lab video we dive into a feature of Endpoint Analytics in Microsoft Intune called “Proactive Remediations”

I give a high level overview of what Proactive Remediations are and an example of how we can use them to remediate invalid client registry settings. For the scenario presented during the lab, the clients were enabled for co-management and had a legacy GPO that had disabled Automatic Updates. The clients were internet connected and had no VPN to reach the domain for a Group Policy Update to reverse the legacy Group Policy setting. A Proactive Remediation script was an easy way to change the registry key for those internet connected clients.

Endpoint analytics (preview) documentation:- https://docs.microsoft.com/en-us/mem/analytics/

Tutorial: Proactive remediations:- https://docs.microsoft.com/en-us/mem/analytics/proactive-remediations

Scripts used in this tutorial:-
https://github.com/byteben/Windows-10/blob/master/Detect_EnableAutomaticUpdates.ps1
https://github.com/byteben/Windows-10/blob/master/EnableAutomaticUpdates.ps1

Clients require access to the following URLs to be able to send Telemetry Data to Intune:-

Intune Managed Devices:-
https://*.events.data.microsoft.com

Configuration Manager Managed Clients:-
https://graph.windows.net
https://*.manage.microsoft.com

Script TIP The PowerShell execution policy on the device can’t be set to Restricted or AllSigned

3 Real world examples where Proactive Remediations have been used:-

Leave a Comment

Your email address will not be published.

Time limit is exhausted. Please reload CAPTCHA.

 

This site uses Akismet to reduce spam. Learn how your comment data is processed.