Proactive Remediations Scripts are an excellent way to counteract problems or to check desired states. The possibilities are almost limitless. So are the ideas.
Along with AndrewTaylor, Jannik Reinhard and Joey Verlinden I have therefore started a joint project in the form of a community repository for Proactive Remediations packages.
We have already created a lot of packages in it that can be used immediately and in many different ways.
In this article I will show you the requirements, basics and use of the Proactive Remediations packages, which are part of the Endpoint Analytics features in Intune.
Table of Contents
- What is Endpoint Analytics?
- What are "Proactive Remediations" within Endpoint Analytics?
- How do I create a Proactive Remediations Package?
- How can I contribute?
- Thank you for the initial support
What is Endpoint Analytics?
Endpoint Analytics is a feature in Microsoft Endpoint Manager that provides insight into device performance and health. IT administrators can use it to monitor devices, diagnose problems, and optimize device performance. Endpoint Analytics collects data on device performance metrics, such as boot time, application loading time, and battery life. This data can be used to identify device issues, prioritize troubleshooting, and improve device performance.
What are "Proactive Remediations" within Endpoint Analytics?
Probably the most important and powerful function of Endpoint Analytics are the "Proactive Remediations". With these you can use PowerShell to detect problems and fix them directly. The packages basically consist of two script files. A detection rule and a revitalization measure. The remedial action is triggered when the detection returns an exit code of "1". You also have the option of using only the detection rule to generate your own reports.
You can choose between a one-off and a defined time interval for execution.
The possibilities are almost limitless, you can for example:
- show problems
- create reports
- Collect data from the client or programs
- Show pop-up messages
- launch a WPF app
To use the Proactive Remediations feature, you must meet a few requirements:
- License: Microsoft 365 E3 / E5 / A3 / A5
- Device is Intune managed and at update level 1909 + July 2021 cumulative update
- Azure AD Join or Hybrid Join
- Windows 10 Education, Professional or Enterprise
- Connection to https://*.events.data.microsoft.com
How do I create a Proactive Remediations Package?
The function is somewhat hidden:
Intune > Reports > Endpoint analytics > Proactive remediations > +Create script package
First, give the new package a name and description:
Then upload at least one detection script. The remediation script is optional.
You also define here whether the package should be executed in the system or user context, whether the signature is checked and whether the script runs in the 32- or 64-bit modus.
You store the scope tags according to the arrangements in your environment.
In the assignments, you define who the package is assigned to and how often it should be executed.
How can I contribute?
If you have an idea for a script that is still missing, contact us via our blogs, social media, or open an issue in the repository with a description of your idea.
Do you already have a ready-made package that you would like to add?
Then please use our template and add it via a "pull request".
Thank you for the initial support
This repository is a community project in which we try to collect many ready-made Proactive Remediations packages and make them available to the Intune community.
If YOU have further ideas, we would be happy if you send them to us, open an issue in the repository or create a pull request.