Hi,
We've recently moved to a hybrid setup for our Windows devices (local active and Intune). Many devices have been fully set up successfully, but most have not. They are registered with Intune and show as compliant; however, we have found that those not working have not installed the Intune Management Extension (IME). This means they cannot run scripts or deploy software from Intune.
I have come to the conclusion that application control is to blame, even though it doesn't complain about Intune directly.
Trying to manually run the IME installer would bring up an error and it would fail; there were no pop-up alerts from Sophos about software being blocked. When I temporarily disabled Sophos application control and manually re-ran the IME installer on the test machine, it succeeded.
We have 3 different Application Control policies in place for Sophos with varying levels of lockdown. As part of troubleshooting I have unblocked "Microsoft Intune", and today I realised all the problem devices were showing application control alerts for "Eventing Command Line", which was blocked. I'm testing a few problem machines with "Eventing Command Line" unblocked.
Can anyone confirm what should be unblocked for IME to install and run correctly?
Thanks!
Stephen
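For anyone triaging the same symptom, the following PowerShell snippet is an added example and is not part of Stephen's post or a Sophos or Microsoft tool. It checks whether the IME service, install folder and log folder exist on a device, and then pulls the most recent MSI installer events that mention the extension so a failed install attempt can be spotted without disabling anything. It assumes the standard IME service name (`IntuneManagementExtension`), the default install folder under `Program Files (x86)`, the default log folder under `ProgramData`, and the standard Windows Installer event IDs 11707 (install succeeded) and 11708 (install failed).

```powershell
# Added example, not from the original post: quick IME presence/health check on one device.
# Assumed defaults: service name, install folder and log folder used by the Intune Management Extension.
$imeServiceName = 'IntuneManagementExtension'
$imeInstallDir  = Join-Path ${env:ProgramFiles(x86)} 'Microsoft Intune Management Extension'
$imeLogDir      = Join-Path $env:ProgramData 'Microsoft\IntuneManagementExtension\Logs'

$imeService = Get-Service -Name $imeServiceName -ErrorAction SilentlyContinue

$status = [pscustomobject]@{
    ComputerName   = $env:COMPUTERNAME
    ServicePresent = [bool]$imeService
    ServiceStatus  = if ($imeService) { $imeService.Status.ToString() } else { 'NotInstalled' }
    InstallDirOk   = Test-Path -Path $imeInstallDir
    LogDirOk       = Test-Path -Path $imeLogDir
}
$status | Format-List

# Standard Windows Installer event IDs: 11707 = product installed, 11708 = installation failed.
# Filtering on the product name shows whether an IME install was attempted and how it ended,
# which is useful when the endpoint agent blocks the install silently (no pop-up alert).
$msiEvents = Get-WinEvent -FilterHashtable @{
        LogName      = 'Application'
        ProviderName = 'MsiInstaller'
        Id           = 11707, 11708
    } -MaxEvents 50 -ErrorAction SilentlyContinue |
    Where-Object { $_.Message -like '*Intune Management Extension*' } |
    Select-Object TimeCreated, Id, @{ Name = 'Summary'; Expression = { ($_.Message -split "`n")[0] } }

if ($msiEvents) {
    $msiEvents | Format-Table -AutoSize
} else {
    Write-Output 'No MSI install events for the Intune Management Extension were found in the Application log.'
}
```

Running this on a "working" and a "broken" device side by side makes the difference concrete: a device whose install is being blocked will typically show `ServicePresent : False` together with a recent 11708 event, whereas a device that simply has not enrolled yet shows neither. It can be pushed through any existing remote execution channel you already trust (it needs no Intune script deployment, which is exactly what is unavailable on the affected machines).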