How to Troubleshoot Windows 11 10 Intune MDM Issues

Learn how to Troubleshoot Windows 11 10 Intune MDM Issues from this blog post. There are several options to troubleshoot and some of them are explained here.

Windows 11 or 10 MDM issues and troubleshooting are pretty new for SCCM admins like me! So what is the importance of Windows 10 MDM? When you use Intune or SCCM + Intune hybrid to manage Windows 10 machines, all the management policies are deployed through the MDM channel. This post is Windows 10 MDM Troubleshooting Guide.

Related Posts

Understand Windows 10 MDM Architecture

For example, if an Intune policy is deployed to a Windows 10 machine, but it’s not getting applied on a Windows machine, then how do we start troubleshooting? First of all, we need to understand Windows 10 management architecture. Following is the high-level architecture diagram for Windows 10 management. Windows 10 MDM issues troubleshooting will be easy if we know this high-level architecture. This post will help us as Windows 10 MDM Troubleshooting Guide.

Patch My PC
How to Troubleshoot Windows 11 10 Intune MDM Issues 1
How to Troubleshoot Windows 11 10 Intune MDM Issues 1

There could be many ways to troubleshoot Windows 10 MDM issues while using Microsoft Intune to deploy policies to those devices. In this post, I will share the 3 easy ways to start MDM troubleshooting. Yes, it’s different from the SCCM/ConfigMgr client’s way of troubleshooting as there are no log files for the MDM client.

MDM client is in build with Windows 10 operating system, and events logs are the best place to start troubleshooting Windows 10 MDM issues. The 3rd way mentioned in this post is very easy for me and IT Pros to understand and start Windows 10 MDM troubleshooting. I have created a video to explain the troubleshooting tips, as you can see above.

[Related Posts – How to Start Troubleshooting Intune Issues]

Video Tutorial – Windows 10 MDM Troubleshooting Guide

Windows 10 MDM Troubleshooting Guide video tutorial to help IT Pros!

How to Troubleshoot Windows 11 10 Intune MDM Issues 1

Troubleshoot with Windows 10 Event Logs

Event Logs  :- Microsoft->Windows->DeviceManagement-> Enterprise-Diagnostics-Provider/Admin

Event logs in Windows 10 machines are the best to start troubleshooting MDM-related issues. As you can see in the below screen capture, you could be able to see where to go in events logs (Microsoft->Windows->DeviceManagement->Enterprise-Diagnostics-Provider/Admin) to see the details of the MDM and Device Management related issues. When the machine is Workplace Joined or AAD joined, all the events related to Intune/SCCM policies are recorded in “this” event log section.

AAD event logs are also very useful in this windows 10 MDM issue, and you can check out the following location for AAD-related event logs “Microsoft-Windows-AAD/ Operational”. Event logs are an integral part of the Windows 10 MDM Troubleshooting Guide.

The event logs are the best to start the Windows 10 MDM issues troubleshooting. You will get the detailed status of Intune or SCCM hybrid policies from event logs. Each entry in those event logs will tell you whether the deployed policies are reached and applied on that machine or not. There is also a way to export the MDM log files to the folder “C:\Users\Public\Documents\MDMDiagnostics” from Windows 10 settings – connect to the work or school page.

[Related Posts – How to Start Troubleshooting Intune Issues]

How to Troubleshoot Windows 11 10 Intune MDM Issues 1
How to Troubleshoot Windows 11 10 Intune MDM Issues 1

Troubleshoot Windows 10 with WMI Explorer

WMI Explorer way of checking whether the policy settings are applied or not:-

WMI Explorer is the best tool to check the MDM policies to confirm whether those settings are applied on the windows 10 system or not. As you can see in the following screen capture, this is how to check whether MDM policies are correctly applied to a Windows 10 machine.

I have deployed the Windows Defender policy from Intune to this Windows 10 machine, and you can use WMI explorer to find out whether these policies are applied on the machine or not. Again, when you start troubleshooting, the best place to begin with is event logs.

We can also check this via WBEMTEST, but we may need to start WBEMTEST from the system context to see the policy details. WMI Explorer is the best place to check and confirm whether the MDM policies (from Intune or SCCM) have been applied to a machine.

[Related Posts – How to Start Troubleshooting Intune Issues]

Registry way of checking Windows 10 MDM Policy settings

Troubleshoot Windows 10 with Registry Entries

The 3rd and easiest way to check whether the MDM policies are applied to a Windows 10 machine is the registry key. Following is the registry location where you can find MDM policy settings. You want to check for MDM policy settings on Windows 10 machine is HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers

In this below screen capture, you can see the Windows Defender settings I applied to Windows 10 machines through Intune policies. The only caveat of this method is we need to find out a way to decode each provider GUID (CLSID Key?) related to MDM policies. Following are some of the extracts from my Windows 10 machine:-

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\18dcffd4-37d6-4bc6-87e0-4266fdbb8e49 - Power Policy Settings Buttons

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\1e05dd5d-a022-46c5-963c-b20de341170f - Power Policy Controls Energy

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\23cb517f-5073-4e96-a202-7fe6122a2271 - Power Policy Settings Disaplay

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\2648BF76-DA4B-409A-BFFA-6AF111C298A5 - ?

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\268c43e1-aa2b-4036-86ef-8cda98a0c2fe - ? Power Policy Settings PCI Express

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\2AB668F3-6D58-4030-9967-0E5358B1B78B - Microsoft Intune MDM Policy Settings - Account, Bitlocker, Connectivity, Data Protection, Defender, Device Lock, Experience, Network Isolation, Security, System, update and WiFi

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\C8DC8AF6-2A7D-4195-BA77-0A4DAC2C05A4 - Microsoft Intune/SCCM MDM policy settings - Browser, Camera, Connectivity, Device Lock, Security, Systems and Wifi
  • System > Power Management > Button Settings
  • Select the Start menu Power button action (on battery)
  • Select the Start menu Power button action (plugged in)
  • Select the Start menu Power button action (plugged in)
  • Enabled – Select the Start menu Power button action (on battery).
How to Troubleshoot Windows 11 10 Intune MDM Issues 11
How to Troubleshoot Windows 11 10 Intune MDM Issues 11

Troubleshoot Windows 10 with MDMDiagReport

These GUID IDs can be found in the MDMDiagReport.xml file, and this XML can be decoded into HTML file MDMDiagReport.html using the tool here.  

How to Troubleshoot Windows 11 10 Intune MDM Issues 111
How to Troubleshoot Windows 11 10 Intune MDM Issues 111

[Related Posts – How to Start Troubleshooting Intune Issues]

Author

Anoop is Microsoft MVP! He is a Solution Architect in enterprise client management with more than 20 years of experience (calculation done in 2021) in IT. He is a blogger, Speaker, and Local User Group HTMD Community leader. His main focus is on Device Management technologies like SCCM 2012, Current Branch, and Intune. E writes about ConfigMgr, Windows 11, Windows 10, Azure AD, Microsoft Intune, Windows 365, AVD, etc…

8 thoughts on “How to Troubleshoot Windows 11 10 Intune MDM Issues”

  1. Hi Anoop! Thanks for your helpful website.

    I’m actually wondering if you know where this is coming from:

    “HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\18dcffd4-37d6-4bc6-87e0-4266fdbb8e49 – Power Policy Settings Buttons”

    If I install Windows 10 21H2 on a device, out of the box the “Power and sleep and close lid settings” are set blank (not set). Then, for some reason, when I enrol a device using Intune/AutoPilot these settings change to sleep.

    Reply
  2. No it’s a policy source which I can see on my MDMDiagReport. I web searched the ID and this/your webpage came up. It’s on the list of reg keys you put further up on this web page. Any idea what this policy source/provider is?

    Reply
    • I have updated the post with the details.
      System > Power Management > Button Settings
      Select the Start menu Power button action (on battery)
      Select the Start menu Power button action (plugged in)
      Select the Start menu Power button action (plugged in)
      Enabled – Select the Start menu Power button action (on battery).

      Reply
  3. Thanks Anoop, I can’t seem to reply to your comments so sorry I keep creating new posts. I understand how to create device configuration profiles to set these power button actions. What I don’t understand is why our devices have the same policy provider ID as you’ve shown on this web page? By the way I’ve used the IntuneManagement-master tool and have gone through every Intune object in our tenancy and can’t find one that matches the ID 18dcffd4-37d6-4bc6-87e0-4266fdbb8e49. It’s as if enrolling a device in Intune sets power plan defaults for all devices across all tenancies?

    Reply
    • “Matches the ID 18dcffd4-37d6-4bc6-87e0-4266fdbb8e49” – This is really weird. I thought this must be a unique ID. I created this post a few years before and I don’t think even I have this ID showing up on the new devices enrolled to test tenants. I think it’s worth opening a service request with Microsoft for this type of issue.

      Reply
  4. Ah sorry, turns out this registry

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\PolicyManager\Providers\18dcffd4-37d6-4bc6-87e0-4266fdbb8e49

    is actually on most Windows 10 computers out of the box. It isn’t added simply by enrolling a device into Intune. For some reason I’m still looking into, on a Lenovo Legion 5i laptop, it wasn’t there and the power button and lid settings were all blank and can be changed/set by user. I checked some other models and it is there simply as a part of installing Windows 10

    This does still pose an issue IMO, if the security advisory guidelines you are following doesn’t provide any guidelines for these power button and lid settings. Because all advisories do recommend not to let your laptops go into Sleep state due to memory remanence attacks.

    Hope that helps anyone

    Reply

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.