Some common issues and resolutions you might encounter with policies and profiles with Intune relate to configuration profile conflicts and Azure AD–Intune enrollment.
Configuration Profile Conflicts
The most restrictive value is applied when two profile settings are applied to the same device. Any settings that are the same in each policy are applied as configured.
If a policy is deployed to a device and is active when a second policy is deployed, then the first policy takes precedence, and it will stay applied. Any conflicting settings are set to the most restrictive values.
You might also consider how different types of policies interact with each other.
- Compliance policy settings have precedence over configuration profile settings.
- If a compliance policy includes the same setting found in another compliance policy, then the most restrictive compliance policy setting will be applied.
- If a configuration policy setting conflicts with a setting in another configuration policy, the conflict will be displayed in Intune. You will need to manually resolve the conflict.
Custom Profile Conflicts
If you configure custom policies, you should know that Intune doesn’t evaluate the payload of a custom Open Mobile Alliance Uniform Resource Identifier (OMA-URI) policy. Intune will deliver the policy without referencing other policies, which can cause potential conflicts.
You should therefore confirm that the configured settings within a custom policy don’t conflict with compliance, configuration, or other custom policies. For example, if iOS custom policy settings conflict, then the settings are applied randomly.
Policy Refresh Cycle Times
You might need to troubleshoot the client if Intune profiles or policies are not being applied to a specific device or PowerShell scripts deployed by Intune are not being run. You should first reboot the device by holding down the Shift key and selecting Shutdown from Start. After rebooting the device, the Intune client built into Windows 11 should check whether any changes or new policies are available.
You should allow devices time after rebooting to sync to Intune and receive any changes. Sometimes, the sync can take several minutes to complete, so you might need to be patient. The refresh cycle for device configuration policies can be found in Table 3-10. The application and refresh cycle for device configuration profiles is the same as the compliance profiles.
TABLE 3-10 Configuration profile policy refresh cycle
| Platform | Initial estimated check-in frequency | Ongoing refresh cycle |
| iOS | Every 15 minutes for 6 hours, and then every 8 hours | About every 8 hours |
| macOS | Every 15 minutes for 6 hours, and then every 8 hours | About every 8 hours |
| Android | Every 3 minutes for 15 minutes; every 15 minutes for 2 hours; and then every 8 hours | About every 8 hours |
| Windows 10 or later (enrolled as a device) | Every 3 minutes for 15 minutes; every 15 minutes for 2 hours; and then every 8 hours | About every 8 hours |
| Windows 8.1 or later | Every 5 minutes for 15 minutes; every 15 minutes for 2 hours; and then about every 8 hours | About every 8 hours |
You can, of course, manually sync your configuration profiles from the Microsoft Intune admin center and the device itself.
