Windows 10 Security Baseline errors.

Susie Miloves 1 Reputation point

I have created a security baseline profile using the recommended settings (they are all defaults). When I assign the profile, Audit policies shows "error" status. I try to remove the assignment and recreate another profile and reassign but it still give me the same errors. All devices are affected. I would like to know how to fix this.


Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
2,392 questions
No comments
{count} votes

13 answers

Sort by: Most helpful
  1. Arnold Souadet 1 Reputation point


    Could you please specify which identity configuration do you have ?
    AAD Join ?
    Hybrid AAD Join ?

    For management, devices are only managed by intune or is it co-managed ?


  2. Susie Miloves 1 Reputation point

    We do have Hybrid AAD Join. devices are only managed by Intune. Thank you.

  3. Rahul Jindal [MVP] 7,251 Reputation points MVP


    What do you see under per setting status against the baseline? That should give you some indication. Also, did you check the event logs located under Event viewer > Applications and Services Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin ? It can take a good amount of time for the status to get updated in Intune.

  4. Arnold Souadet 1 Reputation point


    Did you checked if there is a conflict between this Intune profile with a Local GPO ?
    The logs asked by Rahul will be helpful.


  5. Susie Miloves 1 Reputation point

    I did check the logs but no info about the errors. I tried to replicate and it doesn't give any error for all the Windows Enterprise Machines that I enrolled. Issue only exist for Windows Business and Pro machines. I guess it is compatibility issue with Windows OS. Seems like it is applicable for Enterprise OS only. I just have to disable those erroneous policy in Security baseline and modify manually in GPO.