Intune Preview: Run Remediation Scripts On-Demand Per Device

Intune: Run Remediation Scripts On-Demand, Per Device (Preview)

Microsoft Intune now lets you trigger an existing Remediation on a single Windows device right from the device page. No waiting for schedules. This is in preview.


Why this is useful

  • Fix issues while the user is on the call.
  • Test a remediation on one pilot device before broad rollout.
  • Rerun a failed remediation without changing assignments or cadence.

What you need

  • A remediation package already created (custom or from templates).
  • RBAC rights to view the device and run remote actions.
  • Device online and reachable by Intune.

How to run a remediation on one device

  1. Go to Intune admin center → Devices → Windows (or All devices).
  2. Open the target device.
  3. Click … More (menu) → Run remediation (preview).
  4. Select the remediation package.
  5. Click Run remediation → Confirm.

Where to see results

  • Device → Monitor → Remediations.
  • Or Devices → Scripts and remediations → select your package → Device status.
  • On the endpoint, check these logs for the run timestamp, detection result, and script exit code:
    C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log
    C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\AgentExecutor.log

Good naming = smooth helpdesk

Use clear names and notes:

  • Fix-CompanyPortal-Cache
  • Repair-IME-Service
  • Reset-WMI-Repository

Add a short description: “Stops IME, clears cache, restarts service. Safe to rerun.”


Common use cases

  • Company Portal stuck or sign-in loop
  • IME service stuck / Win32 app install retries
  • OneDrive reset for sync failures
  • WMI or Windows Update quick repair
  • Clear Teams/Edge/WebView2 caches

Tips and guardrails

  • Idempotent scripts. Make it safe to run multiple times.
  • Exit codes. Use 0 for success, non-zero for failure; write clear stdout.
  • Logging. Write-Output key steps so IME logs show intent.
  • Scope tags. Limit what helpdesk can run.
  • No assignment required. On-demand doesn’t need group targeting, but the package must exist.
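
A remediation script that follows these guardrails, as an added example that is not from the original post: it checks state before changing anything, logs each step with Write-Output, and exits 0 or 1. The service name wuauserv is an assumed target chosen for illustration; substitute the service your package repairs.

```powershell
# Added example: remediation script that is safe to rerun on demand.
# Assumption: the target is the Windows Update service (wuauserv).
$ServiceName = 'wuauserv'
$ErrorActionPreference = 'Stop'   # turn cmdlet errors into catchable exceptions

try {
    # Log the execution context so the IME logs show who ran this and how.
    $id = [Security.Principal.WindowsIdentity]::GetCurrent()
    Write-Output "Running as $($id.Name) (SYSTEM: $($id.IsSystem))"

    $svc = Get-Service -Name $ServiceName
    Write-Output "Service '$ServiceName' Status=$($svc.Status) StartType=$($svc.StartType)"

    # Idempotent: change only what is wrong, so a second run is a no-op.
    if ($svc.StartType -eq 'Disabled') {
        Write-Output "Start type is Disabled; setting it to Manual"
        Set-Service -Name $ServiceName -StartupType Manual
    }
    if ($svc.Status -ne 'Running') {
        Write-Output "Service is not running; starting it"
        Start-Service -Name $ServiceName
    }
    else {
        Write-Output "Service already running; nothing to do"
    }

    # Verify the end state instead of trusting the commands above.
    $final = (Get-Service -Name $ServiceName).Status
    if ($final -ne 'Running') { throw "Service is $final after remediation" }

    Write-Output "Remediation succeeded"
    exit 0
}
catch {
    # Non-zero exit plus a clear message is what helpdesk will see in the logs.
    Write-Output "Remediation failed: $($_.Exception.Message)"
    exit 1
}
```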

Troubleshooting

  • Nothing happens: Device is offline or cannot reach Intune/WNS. Try again when online.
  • Runs but fails: Check IntuneManagementExtension.log and AgentExecutor.log for the exit code and error text.
  • Permission blocked: Confirm your role has remote device actions and remediation read rights.
  • Script path issues: Ensure your remediation does not rely on user paths if you intend to run system-scope actions.

Preview notes

  • UI text and location may change.
  • Track feedback and be ready to adjust playbooks when the feature goes GA.

Quick SOP (tier-1)

  1. Verify the device is online.
  2. Open the device in Intune → … More → Run remediation (preview).
  3. Choose the correct package (follow your runbook naming).
  4. Run it. Wait 1–3 minutes.
  5. Check Device → Monitor → Remediations for status.
  6. If failed, gather IntuneManagementExtension.log and escalate.

Wrap-up

On-demand, per-device remediations speed up fixes and reduce ticket back-and-forth. Build small, safe scripts, label them clearly, and give helpdesk a simple SOP. When this moves out of preview, fold it into your standard troubleshooting flow.
