I have recently found that the following commands, in order, fix this issue fairly reliably (SyncML issue on either Firewall or AV compliance):
- Connect to MgGraph with Intune scopes
Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementManagedDevices.Read.All
$device = Get-MgDeviceManagementManagedDevice -Filter "contains(deviceName,'<DEVICENAME>')"
Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $device.id
- Trigger a compliance check via local process on PC (use remote shell or execute locally)
Start-Process -FilePath "C:\Program Files (x86)\Microsoft Intune Management Extension\Microsoft.Management.Services.IntuneWindowsAgent.exe" -ArgumentList "intunemanagementextension://synccompliance"
- Trigger a sync via local scheduled task on PC (use remote shell or execute locally)
Get-ScheduledTask -TaskName "Schedule #3 created by enrollment client" | Start-ScheduledTask
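
The Graph-side step above as a guarded script; this is an added example, not part of the original post. It matches the device name exactly so a `contains()` filter cannot sync the wrong machine, requests only the read and privileged-operations scopes, and polls until the device reports a newer sync. The parameter names, the 15-second interval and the 300-second timeout are assumptions.

```powershell
# Added example (not from the original post). Covers only the Graph sync step;
# the two local triggers still run on the PC itself.
param(
    [Parameter(Mandatory)][string]$DeviceName,  # exact Intune device name (supplied by the operator)
    [int]$TimeoutSeconds = 300                  # assumed polling window
)

# Assumption: reading the device and calling sync need only these two scopes,
# so ReadWrite.All is left out to keep the delegated token narrower.
Connect-MgGraph -Scopes @(
    'DeviceManagementManagedDevices.Read.All',
    'DeviceManagementManagedDevices.PrivilegedOperations.All'
)

# Escape single quotes for OData and match the name exactly instead of contains().
$escaped = $DeviceName.Replace("'", "''")
$devices = @(Get-MgDeviceManagementManagedDevice -Filter "deviceName eq '$escaped'" -All)

# Refuse to act on zero or several matches (stale duplicate records are common).
if ($devices.Count -ne 1) {
    throw "Expected exactly one device named '$DeviceName', found $($devices.Count)."
}

$device = $devices[0]
$before = $device.LastSyncDateTime
Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $device.Id

# Poll until the service records a sync newer than the one seen before the request.
$deadline = (Get-Date).AddSeconds($TimeoutSeconds)
do {
    Start-Sleep -Seconds 15
    $current = Get-MgDeviceManagementManagedDevice -ManagedDeviceId $device.Id
} until (($current.LastSyncDateTime -gt $before) -or ((Get-Date) -gt $deadline))

# Emit a small record that can be logged or piped to Export-Csv.
[pscustomobject]@{
    DeviceName         = $current.DeviceName
    ManagedDeviceId    = $current.Id
    PreviousSync       = $before
    LastSyncDateTime   = $current.LastSyncDateTime
    SyncedAfterRequest = [bool]($current.LastSyncDateTime -gt $before)
    ComplianceState    = $current.ComplianceState
}
```

`ComplianceState` can lag behind the sync timestamp, so a device that synced but still shows non-compliant may only need the local compliance trigger or more time.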