Key Takeaways:
- It enables administrators to visualize and analyze network health instantly by mapping devices and their connectivity.
- Intune streamlines deployment by applying LLTD settings through device configuration profiles, reducing manual setup effort.
- Helps in troubleshooting connectivity issues quickly.
- Improves network diagnostics and monitoring efficiency.
Let’s discuss Enable Link-Layer Topology Discovery for Instant Network Health Analysis using Intune. The Turn on Mapper I/O (LLTDIO) driver policy controls the “Link-Layer Topology Discovery” (LLTD) mapper. This protocol allows a Windows computer to query the local network to discover other devices and determine the layout (topology) of the network.
Table of Contents
Table of Contents
Enable Link-Layer Topology Discovery for Instant Network Health Analysis using Intune
The Link-Layer Topology Discovery (LLTD) protocol is a proprietary Layer 2 (Data Link Layer) network protocol developed by Microsoft as part of its Windows Rally technology suite. Its primary purpose is to provide a standardized way for Windows devices to “see” and “map” the physical and logical layout of a local area network (LAN).
By enabling this policy, It allows the Map” feature in Windows to function. IT administrators or users can see a visual representation of how devices are connected. If a device cannot be reached, seeing the topology helps identify if the break is at the switch level or the endpoint level.
- Managing Network Visibility by Disabling User Access to Connection Status using Intune Policy
- Enable or Disable Microsoft Account Connection Policy using Intune
- Intune Allow Microsoft Accounts to be Optional Policy
Example Scenario
A small architectural firm has 10 designers, several high-end network printers, and a local file server. They don’t have a dedicated “Network Engineer.” They enable LLTDIO so that when a new designer joins, their Windows machine can automatically “see” the office plotter and the file server on the network map. It simplifies the user experience in unmanaged or lightly managed environments.
Configure Policy with Intune Admin Center
To start Enable Link-Layer Topology Discovery policy creation, sign in with Microsoft Intune Admin center. Go to Devices > Configuration > +Create >+ New Policy. Look at the below screenshot.
Create Profile
Creating Profile is the next step after clicking on Create button. On this step you can choose platform and profile type. Here I would like to configure the policy to Windows 10 and later platform and settings catalog profile. Then click on the Create button.
Filling Basic Details
Basic tab helps you to give an identify for the settings you have to select for policy creation. You should add appropriate name and description for policy. Here is Name is mandatory and description is optional. After adding this click on the Next button.
Configure Link-Layer Topology
From the Configuration Tab, you can see the +Add settings hyperlink to access specific settings. When you click on this hyperlink, you will get Settings Picker. Here, I would like to select the settings by browsing by Category. I choose Administrative Templates\Network\Link-Layer Topology Discovery\Turn on Mapper I/O (LLTDIO) driver settings.
Disable Link-Layer Topology
If you disable or don’t configure this policy setting, the default behavior of LLTDIO will apply. Disable is the default value of this policy. Click on the Next button to continue.
Enable Link-Layer Topology
If you enable this policy setting, additional options are available to fine-tune your selection. You may choose the “Allow operation while in domain” option to allow LLTDIO to operate on a network interface that’s connected to a managed network.
After enabling this policy, If a device cannot be reached, seeing the topology helps identify if the break is at the switch level or the endpoint level. If a user sees a smart printer or a network storage device (NAS) on their map, they can often right-click it and select “View device webpage.
Adding Scope Tags
Scope Tags sections help you add restrictions to the visibility of the Policy. But it is not a mandatory step, so you can skip this step. Here, I don’t add scope tags for Link-Layer Topology Policy. Click on the Next button.
Selecting Group from the Assignment Tab
To assign the policy to specific groups, you can use the Assignment Tab. Here I click, +Add groups option under Included groups. I choose a group from the list of groups and click on the Select button. Again, I click on the Select button to continue.
Review + Create Tab
Before completing the policy creation, you can review each tab to avoid misconfiguration or policy failure. After verifying all the details, click on the Create Button. After creating the policy, you will get a success message.
Monitoring Status
The Monitoring Status page shows whether the policy has succeeded or not. To quickly configure the policy and take advantage of the policy sync, the device on the Company Portal, Open the Intune Portal. Go to Devices > Configuration > Search for the Policy. Here, the policy shows as successful.
Event Viewer
It helps you check the client side and verify the policy status. Open the Client device and open the Event Viewer. Go to Start > Event Viewer. Navigate to Logs: In the left pane, go to Application and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin.
| Event Viewer |
|---|
| MDM PolicyManager: Set policy string, Policy: (LLTD_EnableLLTDIO), Area: (ADMX_LinkLayerTopologyDiscovery), EnrollmentID requesting merge: (EB427D85-802F-46D9- A3E2-D5B414587F63), Current User: (Device), String: (), Enrollment Type: (0x6), Scope: |
Removing the Assigned Group from Link-Layer Topology Settings
If you want to remove the Assigned group from the policy, it is possible from the Intune Portal. To do this, open the Policy on Intune Portal and edit the Assignments tab and the Remove Policy.
To get more detailed information, you can refer to our previous post – Learn How to Delete or Remove App Assignment from Intune using by Step-by-Step Guide.
How to Delete Link-Layer Topology
You can easily delete the Policy from the Intune Portal. From the Configuration section, you can delete the policy. It will completely remove it from the client devices.
For detailed information, you can refer to our previous post – How to Delete Allow Clipboard History Policy in Intune Step by Step Guide.
Windows CSP Details
This policy setting changes the operational behavior of the Mapper I/O network protocol driver. LLTDIO allows a computer to discover the topology of a network it’s connected to. It also allows a computer to initiate Quality-of-Service requests such as bandwidth estimation and network health analysis.
Need Further Assistance or Have Technical Questions?
Join the LinkedIn Page and Telegram group to get the step-by-step guides and news updates. Join our Meetup Page to participate in User group meetings. Also, Join the WhatsApp Community and WhatsApp Channel to get the latest news on Microsoft Technologies. We are there on Reddit as well.
Author
Anoop C Nair has been Microsoft MVP for 10 consecutive years from 2015 onwards. He is a Workplace Solution Architect with more than 22+ years of experience in Workplace technologies. He is a Blogger, Speaker, and Local User Group Community leader. His primary focus is on Device Management technologies like SCCM and Intune. He writes about technologies like Intune, SCCM, Windows, Cloud PC, Windows, Entra, Microsoft Security, Career, etc