Hi Richard R,
Thank you for posting in the Q&A Forums.
Check if devices are signed into Intune and refresh policies
Use the Company Portal application:
If your organization uses Microsoft Intune, an application called Company Portal is usually deployed.
Log in to the Company Portal app and check the status of the device. If the device has been successfully signed into Intune, you should be able to see detailed information about the device, including policy status.
Use PowerShell commands:
There is no direct PowerShell command that shows a timestamp of when the device was signed into Intune.
However, you can check if a device is communicating with Intune by running some PowerShell commands, such as checking the device registration status and synchronization status.
Use the dsregcmd /status command to check the Azure AD registration status of the device.
Check the status of Intune-related services, such as MDM diagnostics, but this usually requires specific diagnostic tools or permissions.
View event logs:
In the Windows Event Viewer, look for log entries related to Intune or device management.
This may require some familiarity with event logs to be able to identify logs related to Intune communications or policy applications.
To see what security policies were applied and when they were applied
Use PowerShell commands:
While there is no direct command that lists all applied security policies and their timestamps, you can use PowerShell to examine certain policy settings.
For example, use the Get-CimInstance or Get-WmiObject commands to query specific policy settings, but this requires that you know the specific policy path and name to query.
Another way is to use commands such as Get-LocalGroupMember, Get-Acl, and so on to check local security policies, but these are usually related to file system or user permissions, not Intune policies.
Check registry settings:
Some policy settings may be reflected in the registry, but this is usually not the primary storage location for Intune policies.
You can try searching the registry for policy-related keywords, but this needs to be done with caution, as incorrect registry editing can lead to system instability.
Use the Group Policy Management tool:
If your organization uses local group policies or domain group policies to manage devices, you can use a group policy management tool (such as the Group Policy Management Console, GPMC) to see what policies are applied.
Note, however, that Intune policies are typically managed through the cloud, not local group policies.
Intune Management Center:
Log in to the Azure portal and go to the Intune Management Center.
In the Devices or Policies section, you can view and manage deployed policies.
While this won't show you which policies were applied to each device when, you can see which policies are assigned to which device groups.
Best regards
NeuviJ
============================================
If the Answer is helpful, please click "Accept Answer" and upvote it.