Proactive Remediatons: The Hidden World

Introduction: Understanding and Utilizing Proactive Remediations in Intune

Proactive remediations are a powerful feature in Microsoft Intune that enables IT administrators to detect and automatically fix issues on managed devices before they become significant problems. This proactive approach helps ensure a smoother user experience and minimizes potential disruptions. However, when experimenting or testing these remediations, waiting for them to execute according to the default schedule can be time-consuming. To address this, we can manually trigger these remediations to run sooner, providing quicker feedback during testing. In this blog, I’ll walk you through the process of deploying Intune Local Administrator Password Solution (LAPS) using Proactive Remediations and how to expedite their execution for testing purposes.

Deploying Intune LAPS with Proactive Remediations

Some time ago, I wrote a blog detailing how to deploy LAPS (Local Administrator Password Solution) to your Entra ID -joined devices. In that post, I also touched on how to speed up the delivery of Proactive Remediations. However, I believe this solution deserves a dedicated blog, so here we go!

Why Speeding Up Proactive Remediations Matters

When working with Proactive Remediation, especially during the testing phase, you might find yourself in a situation where you need the remediation to execute immediately. Waiting for the scheduled task to kick in can be frustrating and time-consuming, particularly when you’re trying to validate whether a script or remediation works as intended.

Follow the steps outlined below to accelerate the process and force the Proactive Remediation to execute within five minutes.

Steps to Expedite Proactive Remediation Execution

Step 1: Obtain the Proactive Remediation ID

The first step is to get the “ID” of the Proactive Remediation you want to expedite. This ID is essential because it allows you to pinpoint and manipulate the specific remediation you’re working with.

To find the ID, navigate to the Proactive Remediation in Intune, and hover over it. As shown below, the ID will appear at the bottom of your screen.

Step 2: Modify the Registry

With the ID in hand, the next step is to modify the registry on the device where you want the Proactive Remediation to run more quickly. Follow these steps:

1. Open the Registry Editor on the target device.
2. Navigate to the following key:HKLM\SOFTWARE\Microsoft\IntuneManagementExtension\SideCarPolicies\Scripts
3. Under this key, you’ll find subkeys related to “Execution” and “Reports.” Delete these subkeys as shown in the image below.

Step 3: Restart the Intune Management Extension Service

After modifying the registry, you need to restart the Intune Management Extension service to apply the changes. This will trigger the Proactive Remediation to run again almost immediately.

To restart the service:

1. Open the Services app on the target device.
2. Locate the Microsoft Intune Management Extension service (IME service).
3. Right-click on it and select “Restart

By doing this, the Proactive Remediation will execute within approximately five minutes, allowing you to see the results much sooner.

Expanding the Technique: Custom Compliance Policies

Interestingly, this same method can be applied to another useful feature in Intune: Custom Compliance Policies. Similar to Proactive Remediations, these policies can sometimes take longer to execute than desired during testing. By using the steps above, you can speed up their execution as well, giving you faster feedback during your compliance checks.

For more details on Custom Compliance Policies, you can check out my blog post here: The Last Days of Custom Compliance.

Conclusion

When testing Proactive Remediations or Custom Compliance Policies in Intune, speeding up the execution can be incredibly helpful. It allows for quicker iterations and faster troubleshooting, saving valuable time. However, if you enjoy a good coffee break while waiting for your scripts to run, maybe speeding things up isn’t always necessary! Happy testing!