Intune Device Compliance Evaluation not stable (False/Positive)
Intune Device Compliance sometimes fails to evaluate the correct data.
We set "Windows Firewall" to be a device compliance setting. The Windows Firewall is running fine but Intune fails to detect (False/Positive) with custom error message:
-2016345612 (Syncml(500): The recipient encountered an unexpected condition which prevented it from fulfilling the request)
We're also sometimes getting an issue with the evaluation of BitLocker settings.
Thanks for the additional info. I confirmed that this is NOT the behavior we expect, so we need to investigate this. UserVoice isn’t a good way to dig into this, but support cases are because we can get all the logging information – with appropriate privacy controls – and then there’s a process to feed that to engineering if a code fix is needed.
There’s no charge to open a support case for Intune. Just go to https://aka.ms/intunesupport for how to do it.
I will alert the support team that we have this issue.
(And if by chance you have already opened a support case and have a case ID, please let me know so we can associate those.)
Sorry for the inconvenience!
I found this caused me an issue when I had firewall settings set in a configuration profile. Changed these settings to not configured and the compliance policy read the status correctly.
This is causing significant issues for us. Have escalated to Product Group. Apparently two bugs, one in Intune and one in Win10 are contributing.
This has appeared to be worse this week. The devices have gone non-compliant in the system and the normal tricks of running a quick scan and syncing haven't been working. We have had users non-compliant for 24 hours, meaning they can't work. I really hope this can get fixed soon, as calling up a user to explain this is deeply embarrassing.
Wolfgang Bach commented
Are you kidding? MS Support told us to open a User Voice to get this fixed.... Sorry but why is everyone here voting for this problem and no one from MSFT is helping out? Without a stable Device Compliance evaluation we can't use this... It's a crucial component for a zero trust network approach... very disappointed....
Happened to us on a few machines. I can just turn off the compliance setting for now but was puzzling at first
@Cathy, on the built-in mdm client on windows build 2004, also ATP shows risk is low but still marked as non-compliant when the policy says medium and below
Issue isn't limited to firewall but happens to BL encryption also.
I have raised a Microsoft ticket about this and got the following reply:
We have this issue reported to our Windows support team and they are working on a fix for that, but there is no estimated time for the fix deployment.
Case # 20856077. Closed as fixed itself. We do not know what happened; Microsoft does not know what happened.
Quote: "Wolfgang Bach commented · February 11, 2019 14:51
We've also opened a Support ticket but MS could not help. They just recommended to send our concerns to uservoice..."
So over a year ago Microsoft support recommends opening a user voice, and now after having this topic open in user voice for well over a year, Cathy Moya closes the user voice recommending to open a support ticket... This is ridiculous.
Also on 2004...
Just wanted to let this be known since nobody has confirmed this yet.
Arne Abbink commented
@cathy happens on MDM client Win10 v1909
Jim S commented
Happens for us on Win10 v1909 with the built-in MDM client on random assortment of clients for the firewall module.
Usually only happens for the user instance, not the device. On some multi-user devices we'll have a device that is compliant for one user, but not another.
This has been happening since I've been using Intune. MDM clients v1809 - 1909 (2004 not seen yet)
@Cathy Moya: It's happening to our Windows 10 MDM Clients.
@Cathy Moya: We are seeing this problem with Full MDM enrollment (Windows 10 1903/1909, Autopilot)
We are having the issue on Windows 10 1909 and later devices using the built-in MDM.
My client is Microsoft Intune Company Portal 10.4.8061.0 with Windows 10 version 1909.
integrated in Windows 10. I strongly suspect the evaluation to be done at startup when probably all antivirus services are not yet fully reactive. The machine is then judged non-compliant and accesses are cut off. When the support service intervenes, generally everything is back in order without doing anything.
For us, it happens with Windows 10. From 1809 to 1909.