Devices don’t receive policies or profiles if the device is not auto-enrolled in Azure AD and Intune. To confirm that a device is auto-enrolled, perform these steps:
- On the client device, open the Settings app.
- Click Accounts.
- Under Accounts, click Access work or school.
- Select the joined account and click Info.
- Under Advanced Diagnostic Report, click Create report.
- When prompted, click Export. The MDMDiagReport will be exported to the following location: C:\Users\Public\Documents\MDMdiagnostics.
- Open the MDMDiagReport in a web browser and locate the Enrolled Configuration Sources and target resources section.
- If you cannot find the MDMDeviceWithAAD property, the device is not auto-enrolled and must be enrolled to receive policies.
Using the Intune troubleshooting portal
You can also use the Microsoft Intune admin center troubleshooting portal to help users at your company review user information and user enrollment issues, as shown in Figure 3-30.
FIGURE 3-30 Troubleshooting Intune user issues
Intune can report the following data, including:
- User status
- Assignments
- Compliance issues
- Device not responding
- Device not getting VPN or Wi-Fi settings
- App installation failure
To access the portal to allow you to troubleshoot user issues in Intune, use the following steps.
- Open Microsoft Intune admin center as (at least) a help desk operator.
- Select Troubleshooting + support from the navigation pane.
- Select the appropriate user.
- Review the user information shown in the Troubleshooting + support page, as described in Table 3-11.
TABLE 3-11 Troubleshooting + support information summary
| Name | Description |
| Account status | Shows the status of the current Intune tenant as Active or Inactive. A green checkmark indicates a valid active Intune status. |
| User selection | Select the user to review. Click Change user to choose a new user. |
| User status | Displays the status of the user’s Intune license, the number of devices, and each device’s compliance. A green checkmark indicates a valid Intune license. Any compliance issues will be listed below the Intune status with a cross within a red circle. |
| User-specific information | Use the Assignments dropdown to select the details to review the status for each of the following areas: Client appsCompliance policiesConfiguration policiesApp protection policiesUpdate rings for Windows 10 and laterPowerShell scriptsEnrollment restrictions |
| Group membership | Shows the current Azure AD groups the selected user is a member of. |
| Devices | Displays a list of the user’s devices and detailed information about each, such as ownership, MDM, compliance state, app installation, operating system, and last check-in date and time. |
