PowerShell script package deployment using Intune failed on some machines

NM 41 Reputation points
2021-07-20T12:54:49.107+00:00

Hello,

I am trying to deploy a PowerShell script using Intune. The machines are joined to Azure AD. The deployment went fine on most of the machines, but on a few of them the script failed with the following error:

LogonUser failed with error code : 1008

AAD User check is failed, exception is System.ComponentModel.Win32Exception (0x80004005): An attempt was made to reference a token that does not exist
at Microsoft.Management.Services.IntuneWindowsAgent.AgentCommon.ImpersonateHelper.

AAD User check using device check in app is failed, now fallback to the Graph audience. ex = System.ComponentModel.Win32Exception (0x80004005): An attempt was made to reference a token that does not exist
at Microsoft.Management.Services.IntuneWindowsAgent.AgentCommon.DiscoveryService.<IsAADUserInternal>d__17.MoveNext()

Experts, please suggest.


3 answers

  1. Rahul Jindal [MVP] 10,121 Reputation points MVP
    2021-07-20T14:00:07.217+00:00

    Is a license assigned to the primary user of the device? Is the device shared by any chance?


  2. Lu Dai-MSFT 28,406 Reputation points
    2021-07-21T02:52:33.22+00:00

    @NM Thanks for posting in our Q&A.

    To clarify this issue, we would appreciate your help in checking whether the signed-in user on the failed device has the appropriate permissions to run the script.

    If everything is normal, more log analysis is needed. Please understand that the log message is general and not enough to find the root cause. Given the limitations of Q&A, it is suggested to open an online support ticket to solve this issue more effectively. It is free. Here is the online support link:
    https://learn.microsoft.com/en-us/mem/intune/fundamentals/get-support

    Hope this issue will be solved as soon as possible.




  3. Lu Dai-MSFT 28,406 Reputation points
    2021-07-21T09:21:21.77+00:00

    @NM For this issue, I have done the research again. It is suggested to try restarting the device and check if the PowerShell script deployment is successful.

    If it still fails, it is suggested to try the following actions:
    1. If a local user is logged in to the device, please run the script as system with "Solution 2" from the following link on the affected device, and check if it is successful.

    Note: Non-Microsoft link, just for reference.

    2. If an Azure AD account is logged in to the device, please run the script directly on the affected device, and check if it is successful.

    3. Please check whether the device is 32-bit or 64-bit and which credentials are used to run the script. Make sure the device meets the PowerShell script settings in Intune.

    4. For PowerShell script errors, we usually check messages in C:\ProgramData\Microsoft\IntuneManagementExtension\Logs
    https://learn.microsoft.com/en-us/mem/intune/apps/intune-management-extension#intune-management-extension-logs
    Please double-check whether there is any other error message.

    If there is any update, feel free to let us know.
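
A triage sketch for the log check in step 4 above, added here as an example and not part of the original answer or of Microsoft's tooling: it parses the `.log` files in that folder and lists warning and error entries plus any entry containing the messages quoted in the question. It assumes the logs use the CMTrace entry layout shown in the first comment; the sample lines used when the folder is absent are constructed.

```powershell
# Added example (not from the thread). Assumes CMTrace-style entries:
# <![LOG[msg]LOG]!><time="..." date="..." component="..." context="" type="N" thread="N" file="">
param(
    [string]$LogDir = 'C:\ProgramData\Microsoft\IntuneManagementExtension\Logs',
    # Message fragments taken from the error quoted in the question
    [string[]]$Patterns = @('LogonUser failed with error code', 'AAD User check')
)

$entryRegex = [regex]'(?s)<!\[LOG\[(?<msg>.*?)\]LOG\]!><time="(?<time>[^"]+)" date="(?<date>[^"]+)" component="(?<comp>[^"]*)" context="[^"]*" type="(?<type>\d+)"'

function Get-ImeLogEntry {
    param([string]$Text, [string]$Source)
    foreach ($m in $entryRegex.Matches($Text)) {
        [pscustomobject]@{
            Source    = $Source
            Date      = $m.Groups['date'].Value
            Time      = $m.Groups['time'].Value
            Component = $m.Groups['comp'].Value
            Type      = [int]$m.Groups['type'].Value   # 1 = info, 2 = warning, 3 = error
            Message   = $m.Groups['msg'].Value.Trim()
        }
    }
}

if (Test-Path -LiteralPath $LogDir) {
    $entries = Get-ChildItem -LiteralPath $LogDir -Filter '*.log' | ForEach-Object {
        Get-ImeLogEntry -Text (Get-Content -LiteralPath $_.FullName -Raw) -Source $_.Name
    }
} else {
    # Constructed sample so the script also runs off-device
    $sample = @'
<![LOG[Polling for PowerShell scripts]LOG]!><time="12:40:01.0000000" date="1-1-2000" component="IntuneManagementExtension" context="" type="1" thread="5" file="">
<![LOG[LogonUser failed with error code : 1008]LOG]!><time="12:40:02.0000000" date="1-1-2000" component="IntuneManagementExtension" context="" type="3" thread="5" file="">
'@
    $entries = Get-ImeLogEntry -Text $sample -Source 'constructed-sample'
}

# Keep warnings/errors, plus any entry matching the fragments regardless of type
$patternRegex = ($Patterns | ForEach-Object { [regex]::Escape($_) }) -join '|'
$entries |
    Where-Object { $_.Type -ge 2 -or $_.Message -match $patternRegex } |
    Select-Object Source, Date, Time, Type,
        @{ Name = 'Message'; Expression = { ($_.Message -split "`r?`n")[0] } } |
    Format-Table -AutoSize -Wrap
```

Run it in an elevated PowerShell session on an affected device; only the first line of each message is shown, so open the named log file at the listed time for the full stack trace.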

