|

Intune Remote Actions Stuck Pending on Windows 11: Fix Autopilot Reset and Restart Fast

ByTechieGeek

Why Are Intune Remote Actions So Much Slower on Windows 11 Than Windows 10?

Posted on December 18, 2025

If you’re managing a fleet of school laptops (or any large deployment) with Microsoft Intune, you’ve probably run into this frustrating issue: remote actions like Autopilot Reset and Restart fly on Windows 10 devices, but on Windows 11, they’re painfully slow—or worse, stuck in “pending” for hours, even up to 24 hours. Devices show as compliant, sync successfully when manually triggered, and everything else seems fine… until you need that quick reset for reassigning a laptop.

This isn’t just you. It’s a common complaint in Intune communities, especially in education environments with hundreds of devices. On the same hardware and configurations:

  • Windows 10: Bulk Autopilot resets kick off reliably—around 90% start within 10 minutes.
  • Windows 11: Often less than 50% respond even after hours, leaving actions hanging in limbo.

So, what’s going on? And more importantly, how do you fix it?

The Real Culprit: Windows Push Notification Services (WNS)

The key to fast remote actions in Intune lies in Windows Push Notification Services (WNS). Here’s the breakdown:

Intune doesn’t constantly poll every device—that would drain batteries and overload networks. Instead:

  1. When you trigger a remote action (like Restart or Autopilot Reset), Intune sends a push notification via WNS.
  2. WNS pings the device to wake it up and sync immediately.
  3. The device checks in, grabs the command via its Configuration Service Provider (CSP), and executes it—usually within minutes.

If WNS works, actions are near-real-time. If it fails (e.g., blocked by firewalls, proxies, or web filters—super common in school networks), the device falls back to its scheduled maintenance sync. The old myth was “every 8 hours,” but that’s debunked: without WNS, you’re stuck waiting much longer for on-demand actions.

Why does this hit Windows 11 harder? Stricter network handling, proxy interactions, or shifts to pure Entra ID joins can exacerbate WNS issues. Manual syncs still work because they’re client-initiated, but remote triggers rely entirely on that WNS “fast lane.”

Quick Troubleshooting Steps to Get Things Moving Again

Start here—these resolve most cases:

  1. Check and Unblock WNS Endpoints (This is the #1 fix!)
  • Ensure devices can reach:
    • *.wns.windows.com (e.g., client.wns.windows.com)
    • *.notify.windows.com
  • Test on a problematic Windows 11 device: Look in Event Viewer > Applications and Services Logs > Microsoft > Windows > PushNotifications-Platform > Operational for errors like failed channel renewals.
  • Allow these in your firewalls, proxies, or content filters. Many education networks block them inadvertently.
  1. Dive into Diagnostics Logs
  • Use the community-enhanced PowerShell script: Get-AutopilotDiagnosticsCommunity (available on PowerShell Gallery).
    • Install: Install-Script -Name Get-AutopilotDiagnosticsCommunity
    • Run it on-device or against captured logs for detailed insights into Autopilot profile status, ESP tracking, apps/policies, and potential blocks.
  • It’s more feature-rich and up-to-date than Microsoft’s original version.
  1. Review Delivery Optimization (DO) Settings
  • If you’ve recently moved from hybrid Entra ID (domain-joined) to Entra-only, old DO policies tied to AD sites might be causing hiccups.
  • Test disabling DO temporarily on a few Windows 11 devices via Intune policy.
  • Better long-term: Switch to HTTP-only or group-based modes.
  1. Other Quick Checks
  • Ensure Windows Recovery Environment (WinRE) is enabled—required for Autopilot Reset.
  • Scan MDM event logs for WNS-related errors.
  • Note: Some actions have built-in delays (e.g., a 5-minute buffer after the first day of enrollment).

Final Thoughts

In most reported cases, simply allowlisting WNS endpoints restores that snappy Windows 10-like performance on Windows 11. It’s frustrating that such a core feature depends on something as finicky as push notifications, but once fixed, bulk actions become reliable again.

If you’ve battled this in your environment, what worked for you? Drop a comment below—I’d love to hear your experiences!

Sources: Insights drawn from Intune community discussions, Patch My PC deep dives on WNS and the “8-hour myth,” and Microsoft documentation on remote actions.

LinkedInCopyPinterestRedditTelegramChatGPTSMS

Similar Posts

Leave a Reply

Your email address will not be published. Required fields are marked *