Mainframe79: Bunker Code Outpost
Intune’s Playing Hard to Get? Reset Those Machines ‘Til They Talk

Intune’s Playing Hard to Get? Reset Those Machines ‘Til They Talk

Mike Becker's photo
Mike Becker
·

2 min read

Table of contents

Mission Objective

Restore Intune sync when IntuneManagementExtension goes dark from disconnection. Deploy Rudy Ooms’ IntuneSyncDebugTool to re-link the device to Intune command.

Check your target: The key to knowing this is the path is the disappearance of the service: "Microsoft Intune Management Extension"

Gear Check

  • Device Access: Local admin rights or PS Remoting to target machine.
  • PowerShell: Stock cmdlets plus IntuneSyncDebugTool (Install-Module IntuneSyncDebugTool).
  • Intune Enrollment: Device previously enrolled, now offline.

The Play

Step 1: Kickstart and lock core services:

Get-Service -DisplayName "Device Management Wireless Application Protocol (WAP) Push message Routing Service" | Set-Service -StartupType Automatic -PassThru | Start-Service -PassThru  

Get-Service -DisplayName "Background Intelligent Transfer Service" | Set-Service -StartupType Automatic -PassThru | Start-Service -PassThru  

Get-Service -DisplayName "Device Management Enrollment Service" | Set-Service -StartupType Automatic -PassThru | Start-Service -PassThru

All three should now be active and configured to start on boot.

Step 2: Install and run Rudy Ooms’ tool (credit: Rudy Ooms on X):

Install-Module -Name intunesyncdebugtool
test-intunesyncerrors

Execution

  • Service Sweep: Launch PowerShell as admin (or Enter-PSSession remotely). Run the service block—WAP Push, BITS, Enrollment kick on, set to Automatic.

  • Tool Assault: Install and execute Test-IntuneSyncErrors. Tool scans certs, registry, EntDMID—reconnects IntuneManagementExtension to Intune.

  • Verify: Intune portal updates—device checks in, service active.

It’ll analyze the setup and flag issues. You may need to run it twice—some test machines required a second pass. Output will resemble this (from a remote session):

Even with an error before rebooting, the machine often reconnects to Intune. Verify in the console.

Mission Value

Services first—WAP Push, BITS, Enrollment—clear the runway for sync. Rudy’s tool (Rudy Ooms) finishes the job, stitching IntuneManagementExtension back to base. No service? Tool rebuilds it. Sync restored, mission tight.

Field Notes

Services dead? Check dependencies or Event Viewer for crashes. Tool flops? Hit logs (C:\Users\<user>\AppData\Local\Temp\diag)—certs might be fried. Rudy’s tweaks evolve—follow his X. Intel needed—I’m on station.

intunePowershell