Intune compliance and portal issues with Windows 11

Efstratios Stratis 31 Reputation points
2023-10-09T11:59:20.38+00:00

Hello,

we have about 100 laptops in our organization, Intune seems to be working well with Windows 10 devices. All out laptops are Lenovos.

We have started buying laptops with windows 11 now and in all laptops we have issues downloading software from Company portal. Most of the software that gets automatically deployed to all machines either required or available gets installed but not all. ( On win 10 devices everything gets installed )

Available for enrolled devices company portal software gets stuck on pending.

Most of the required software gets installed but not all.

Errors:

The Intune error is The system cannot find the file specified. (0x80070002)

Those devices show in Intune admin as Compliance not evaluated.

Thank you in advanc

Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,486 questions
0 comments No comments
{count} votes

7 answers

Sort by: Most helpful
  1. Efstratios Stratis 31 Reputation points
    2023-10-09T13:32:58.8333333+00:00

    Traced down the issue a bit more and found firewall error "2016345612(Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request" under windows account.

    Of course windows 11 firewall settings are the same with all win10 laptops

    0 comments No comments

  2. Crystal-MSFT 44,411 Reputation points Microsoft Vendor
    2023-10-10T01:32:36.0733333+00:00

    @Efstratios Stratis, Thanks for posting in Q&A. From your description, I know some laptops are unable to install some software. And it shows the file can't find.

    For your issue, one possible reason for this issue is that the software you are trying to deploy is not compatible with Windows 11. Another possible reason is that there may be an issue with the Intune app installation on your Windows 11 devices. To troubleshoot this issue, you can try the following steps:

    1. Please manually install the application on the device to ensure that the software you are trying to deploy is compatible with Windows 11.
    2. Please let know what app type we deploy it via Intune, win32 or other type.
    3. If it is win32, please go to check IME log to see fi there's any finding, here is a link witht he troubleshooting for your reference: https://www.anoopcnair.com/intune-win32-app-troubleshooting/ Note: Non-microsoft link, just for the reference.

    Please check the above information and if there's any update, feel free to let us know.


    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments No comments

  3. Efstratios Stratis 31 Reputation points
    2023-10-10T07:43:23.1633333+00:00

    Hi , thanks for your reply.

    The software is compatible with Win11, Chrome is having issues for instance.

    We deploy Chrome as an msi. We also have issue deploying Lenovo system updater intunewin file.

    We've been using Intune for 3 years now with no issues.

    Below are some errors we get in event viewer.

    MDM Session: OMA-DM message failed to be sent. Result: (Unknown Win32 Error code: 0x80072ee7)

    MDM Session: Failed to get AAD Token for sync session User Token: (Unknown Win32 Error code: 0xcaa70004) Device Token: (The network location cannot be reached. For information about network troubleshooting, see Windows Help.).

    MDM Push: Failed to renew WNS Push Channel for MDM Push Sessions. Result: (The network is not present or not started.).

    MDM ConfigurationManager: Caller did not specify user to impersonate to. Targetted user sid: (NULL) Result: (Unknown Win32 Error code: 0x86000022).

    BitLocker CSP: GetDeviceEncryptionComplianceStatus indicates OSV is not compliant with returned status 0x80

    DeviceStatus CSP: WscGetSecurityProviderHealth(WSC_SECURITY_PROVIDER_FIREWALL) returned status 0x2 and HRESULT Incorrect function.

    MDM Declared Configuration: Function (checkNewInstanceData) operation (Read isNewInstanceData) failed with (The parameter is incorrect.)

    Just saw one of the win11 laptops successfully got all the software but it took about 10 days to do so, so it probably needs more time?

    Thanks


  4. Efstratios Stratis 31 Reputation points
    2023-10-11T05:50:21.01+00:00

    Hi, Chrome is deployed as an msi line of business. It is installed when is deployed as required (device) but fails when is deployed as a user install from the portal.

    Another msi application that is deployed as a required app (snagit) refuses to install on win11 devices.

    These apps of course work if they are manually installed.


  5. Efstratios Stratis 31 Reputation points
    2023-10-16T08:15:03.9033333+00:00

    Hi, we reset the laptop, did everything from scratch and it joined and downloaded the software normally. The only difference was that the laptop was connected to the network by lan cable rather that wifi.

    Kind regards

    0 comments No comments