Microsoft

Microsoft Intune Feedback

Suggestion box powered by UserVoice

How can we improve Microsoft Intune

← Ideas

Allow powershell scripts to be used with Hybrid Joined devices

Currently its only possible to run Powershell scripts against Azure Domain Joined Machines. Could allow powershell scripts to be run against Hybrid Domain Joined machines?

548 votes
Vote
Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
You have left! (?) (thinking…)
Paul shared this idea  ·   ·  Flag idea as inappropriate…  ·  Admin →

29 comments

Sign in
(thinking…)
Password icon
Signed in as (Sign out)
Close
Close
Submitting...
  • Anonymous commented  ·   ·  Flag as inappropriate

    Apparently this is still not fully supported. For Hybrid Joined devices, you have to use GPO to get this working even though this is not stated anywhere. It only states you have to have auto-enrollment setup (MDM page).

  • EliWallic commented  ·   ·  Flag as inappropriate

    Currently on hybrid joined devices PowerShell scripts gets only executed once after assignment. It will not run after service restart or machine reboot. Hope that will get fixed soon.

  • Dale Hayter commented  ·   ·  Flag as inappropriate

    The issue where it stopped working has now been resolved by Microsoft. Essentially the URL that the agent downloaded from did not exist in public DNS so the agent never downloaded. If you have a similar issue check the URL published in this registry key

    Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\EnterpriseDesktopAppManagement\S-0-0-00-0000000000-0000000000-000000000-000\MSI\{4832C413-61A3-4703-BCB8-BB9AD35FD643}

    If you cant resolve the address then you have the same issue. We had to log a ticket with Microsoft to resolve.

    So for us, hybrid joined devices can now run PowerShell scripts and Intune 32 apps. Great news...

  • Dale Hayter commented  ·   ·  Flag as inappropriate

    This seemed to be working on domain joined devices the other day. Now seems to have stopped for new devices. I think this was released to go with the Intune 32 app deployment which uses the Intune Management Extension. This element is now no longer being deployed to new devices for some reason. Anyone else seeing this?

  • Michael Mardahl commented  ·   ·  Flag as inappropriate

    Guys this works. I have a large number of AAD Hybrid W10 devices, and they all get loads of stuff via powershell scripts, Drive maps, chocolatey, weird registry stuff, you name it.
    It runs like a dream!

  • Anonymous commented  ·   ·  Flag as inappropriate

    There appears to be a silent roll out for this as PowerShell scripts can now be executed on hybrid domain-joined endpoints.

  • David Engelmark commented  ·   ·  Flag as inappropriate

    We are a comapany that only have hybrid joined devices and today we noticed that the "IntuneManagementExtension" had gotten istalled by itself, so we tried to add a script and after some time the scripts got executed on the computers! In all the docs its says this should not be possible, have there been som silent rollout of this feature?

  • Anonymous commented  ·   ·  Flag as inappropriate

    Really microsoft? Without this solution, intune is totally useless. I don't know who is responsible for the functional requirements of such solutions but should be fire from MS.

  • Dan Macgowan commented  ·   ·  Flag as inappropriate

    There is no documentation that states that PS scripts cannot be used on AD joined machines. 30 hours wasted troubleshooting. Come on Microsoft. At least have it warn that the feature cannot be used on a pc that is domain joined.

  • lyonheart14 commented  ·   ·  Flag as inappropriate

    I don't see a reason this isn't already implemented. Also, it is kind of scary that this request seems like its being ignored.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Must have!! This is a show stopper for many larger deployments, avoiding setting up. SCCM clusters again!!

  • Jason commented  ·   ·  Flag as inappropriate

    A big issue for several clients we support. This needs more attention.

  • Anonymous commented  ·   ·  Flag as inappropriate

    Took me a while to understand that PS script were only working on AAD joined device (maybe that should be clearly notified in the UI).

    This request is still not even marked as noted... I'm wondering if they can have it working on hybrid joined device, maybe some permission issue. Or they just think that as these devices are "hybrid" we relay on another on-prem solutions for computer management and software deployment. However in many cases we can't go full Cloud so it's important that we have as many options as possible available to support a broad range of scenario.

    Having the possibility to run PS script is not only a good thing for installing software but can be used also in place of GPO (when no MDM policy).

← Previous 1

Ideas: Windows-specific

Feedback and Knowledge Base

(thinking…)