It's Not Intune Related
Endpoint Triage · v1.0
Internal Endpoint Engineering Tool

Your ticket says Intune.
Reality says otherwise.

Before opening another "urgent, not working" ticket, type the problem below and let the endpoint gods judge you.

Now with 40% less guesswork, 200% more sarcasm, and exactly zero tolerance for tickets without evidence.

Privacy warning: Do not paste usernames, emails, hostnames, serial numbers, internal URLs, tenant names, ticket IDs, secrets, tokens, screenshots, or anything your CISO would use as a reason to cancel everyone's Friday.

Logs or it didn't happen.

Client-side onlyNo trackingNo storageNo AI callsQuery never leaves your browser

Scope of blame

Sourced from learn.microsoft.com/intune — filter before you file.

172 items

Things Intune actually does

92

Features, policies and workloads exposed by Microsoft Intune. Not the fix for your coffee machine.

Windows Autopilot provisioningWindows Autopilot device preparationAutomatic MDM enrollment via Entra IDBulk enrollment (provisioning packages)Apple Automated Device Enrollment (ADE / DEP)Apple Configurator enrollmentApple User EnrollmentApple Device Enrollment (BYOD)Android Enterprise fully managed enrollmentAndroid Enterprise corporate-owned with work profileAndroid Enterprise work profile (personally-owned)Android Enterprise dedicated (kiosk) devicesLinux (Ubuntu) enrollmentChromeOS device sync (via Google connector)Device configuration profilesSettings catalogAdministrative Templates (ADMX)OEMConfig for AndroidCustom OMA-URI (CSP) policiesPowerShell scripts (Windows)Shell scripts (macOS/Linux)Remediations (proactive remediations)Wi-Fi profilesVPN profilesPer-app VPNEmail profilesSCEP / PKCS certificate profilesDerived credentialsTrusted root certificatesDevice restrictionsDelivery Optimization policyDomain Join / OU placement (Hybrid)Enrollment status page (ESP) configurationWin32 app deployment (.intunewin)Line-of-business (LOB) app deploymentMicrosoft Store apps (new)Microsoft 365 Apps for enterprise deploymentWeb link appsmacOS PKG / DMG / VPP app deploymentiOS/iPadOS Volume Purchase Program (VPP) appsManaged Google Play appsApp configuration policies (managed apps and managed devices)App protection policies (MAM / APP)Selective wipe of corporate app dataApp-based Conditional Access (require managed app)Assignment filters (include / exclude by device property)Compliance policiesCustom compliance (JSON + PowerShell discovery)Conditional Access signal (device compliance)Security baselinesEndpoint security — Antivirus policy (Defender)Endpoint security — Disk encryption (BitLocker / FileVault)Endpoint security — Firewall policyEndpoint security — Endpoint detection and response (EDR)Endpoint security — Attack surface reduction (ASR)Endpoint security — Account protectionEndpoint Privilege Management (EPM)Local admin password solution (Windows LAPS)Multi-Admin Approval (access policies)Scope tags and role-based access control (RBAC)Windows Update ringsWindows feature updatesWindows quality updatesWindows driver updates (Windows Update for Business)Windows AutopatchExpedited Windows quality updatesiOS/iPadOS software update policiesmacOS software update policiesManaged Google Play update controlsDevice inventory and hardware detailsRemote actions (sync, restart, wipe, retire, reset passcode)Fresh Start (Windows)Autopilot resetWipe / retireCollect diagnostics (Windows)Remote HelpOrganizational messages (Windows 11)Customization (branding, support info)Tenant attach (Configuration Manager)Co-management workload slidersCloud PKI (Intune Suite)Enterprise App Management (Intune Suite)Advanced Analytics (Endpoint Analytics, anomaly detection)Endpoint Analytics (startup, reliability, app reliability)Device compliance reportsApp install status reportsPolicy assignment statusUpdate deployment reportsEndpoint security reportsGroup Policy analytics (GPO import)Audit logsDiagnostic settings to Log Analytics / Storage / Event Hub

Things Intune does not magically fix

80

Endpoint management is not witchcraft with an admin center. These belong to other queues.

Undocumented requirementsChange management skipped 'just this once'Ticket triageUser trainingForgotten passwordsLocked-out accounts (that's Entra ID)MFA fatigueConsent prompt confusionRogue local adminsManual registry edits done 'temporarily' in 2019Policies applied by humans pretending it was automationCross-tenant guest confusionLicensing gapsDNS chaosBroken PAC filesProxy authentication loopsSplit tunneling regretsFirewall rules blocking manage.microsoft.comCertificate chain issues on the network sideBandwidth throttling by the ISPNDES / SCEP servers being offlineOn-prem AD replication problemsDomain Controller time skewGPO conflicts (that's not Intune, that's GP)Entra ID Conditional Access misconfigurationsNamed locations that exclude the officeBreak-glass account misuseToken lifetime confusionSign-in risk policies blocking usersCross-tenant access settingsB2B guest access issuesBroken app back endsSaaS provider outagesMicrosoft 365 service incidentsTeams meeting audio qualityOutlook profile corruptionOneDrive sync conflictsSharePoint permissionsExchange transport rulesPower BI dataset refresh failuresThird-party MDM leftoversAntivirus not from Defender conflicting with policyPrinter paperPrinter tonerHDMI cablesUSB-C cables that are 'just charging'Broken chairsBroken screensCoffee machinesAir conditioningBatteries at end of lifeDocking stations from three vendors ago"It worked yesterday""Please fix ASAP" with no error messageVibesScreenshots of screenshots'Everything is broken' with no scopeMissing logsAssumptions labeled as evidenceRoot cause: 'the cloud'Spilled coffee on the laptop — againForgot the laptop at home and cannot workConference room booked by someone else, so IT is calledTeams background does not hide the messy bedroomPhishing email from the CEO asking for gift cardsMouse batteries died and no replacements in the drawerKeyboard sticky because the user ate lunch at the deskMonitor is blank because it is plugged into nothingVPN works in the office but not at the user's home — shockingPDFs open in Paint because the default app is wrongPersonal laptop does not receive company Win32 appsUser forgot to save the document and now it is goneExcel file corrupted after holding the power button for funHeadset only works in one ear after being sat onWebcam is blocked by a sticky note 'for privacy'Browser has 47 tabs and the device is slowSoftware license bought for the wrong tenantUser claims someone else changed their passwordHome internet is down but the user is 'remote'User installed CCleaner and now nothing boots

Official docs

Because opinions are not architecture.

Microsoft Intune Documentation

Explore guides, tutorials and references for Microsoft Intune.

Open Docs

What is Microsoft Intune?

Start here if someone thinks Intune is a printer repair service.

Open Overview

Plan your Intune deployment

Because 'just push the policy to everyone' is not a rollout strategy.

Open Planning Guide

Enroll devices

Where devices begin their managed life and occasionally their first existential crisis.

Open Enrollment Docs

Configure devices

Profiles, settings catalog, restrictions and the reason naming conventions matter.

Open Configuration Docs

Manage apps

App deployment, assignments, protection and install failures with personality.

Open App Docs

Keep devices updated

Update rings, feature updates, quality updates and the monthly ritual of controlled chaos.

Open Update Docs

Secure devices and data

Compliance, security baselines, endpoint security and Defender integration.

Open Security Docs

Protect apps and data

MAM, app protection, conditional launch and BYOD sanity preservation.

Open App Protection Docs

Monitor and troubleshoot

Reports, device health, app status and evidence that is better than feelings.

Open Troubleshooting Docs

Ticket Examples From the Abyss

Real patterns, sarcastically labeled.

Ticket
"Teams is broken."
Insufficient evidence.

"Broken how? Emotionally? Spiritually? With an error code perhaps?"

Ticket
"Autopilot stuck on ESP."
Definitely Intune.

"Finally, a real one. Bring logs, timestamps and the enrollment profile."

Ticket
"Printer has no paper."
Not Intune Related.

"Have you considered the advanced troubleshooting technique known as adding paper?"

Ticket
"VPN profile missing after enrollment."
Maybe Intune / Adjacent.

"Could be assignment, certificate, device group, VPN profile, or networking. Intune is a suspect, not yet convicted."

Ticket
"Some users sometimes cannot access something."
Insufficient evidence.

"This is not a ticket. This is a campfire ghost story."

Ticket
"Win32 app failed with detection rule error."
Definitely Intune.

"Detection rule failed? Excellent. We have entered the kingdom of actual endpoint troubleshooting."

Ticket
"Laptop is slow."
Insufficient evidence.

"Is it slow, or did the user install 47 Chrome extensions and call it 'work'?"

Ticket
"WiFi password expired."
Not Intune Related.

"Intune does not hold the sacred key to your Wi-Fi. Try your network team, a Ouija board, or the person who wrote the password on a sticky note."

Ticket
"App says Access Denied after Conditional Access."
Maybe Intune / Adjacent.

"Intune is waving its compliance flag. Entra ID is the bouncer. Talk to both before pointing fingers."

Ticket
"I need a new mouse because my cursor is moving by itself."
Not Intune Related.

"Your mouse is not haunted by Intune. It is either a dying battery, a cat, or the person at the next desk with an identical receiver."

Ticket
"BitLocker keeps asking for recovery key."
Definitely Intune.

"Intune, hardware change, firmware update, or someone who should not touch BIOS. Start with key rotation and hardware change history."

Ticket
"User forgot password and blames Intune."
Not Intune Related.

"Intune does not know your password. Intune does not care. Entra ID is that department."

Ticket
"Email signature is missing on phone."
Not Intune Related.

"Intune did not delete your email signature. Outlook did. Or the user. Mostly the user."

Ticket
"Windows update failed after Intune policy."
Maybe Intune / Adjacent.

"Could be an update ring, could be WU itself, could be a driver that hates happiness. Investigate first, blame later."

Ticket
"iPhone shows managed but apps are not installing."
Definitely Intune.

"VPP token, device assignment, license count, and iOS tantrums. This is an Intune conversation worth having."

Ticket
"My chair hurts my back."
Not Intune Related.

"Intune is a cloud service. It cannot feel your lumbar spine. Try facilities. Or a yoga class."

Ticket
"Teams call quality is terrible."
Insufficient evidence.

"Could be bandwidth, headset, VPN, Teams, or the user sitting on the mic. Intune did not ruin your call."

Ticket
"Device is compliant but still cannot get email."
Maybe Intune / Adjacent.

"Compliance is not the only gatekeeper. Check Entra CA, app protection, token health, and the user not having a license."

Ticket
"CCleaner made the laptop unbootable."
Not Intune Related.

"Intune did not ask you to install registry-wrecking snake oil. Rebuild and consider this a teaching moment."

Ticket
"Outlook calendar shows wrong time for a meeting."
Not Intune Related.

"Intune does not manage your calendar. Time zones do. Learn them. Love them."

Ticket
"Device keeps rebooting during Autopilot."
Definitely Intune.

"Autopilot loop, ESP, language pack, or driver pain. This is exactly why we are here. Logs. Now."

Ticket
"User opened a phishing link and blames Intune."
Not Intune Related.

"Intune can push Defender. It cannot push common sense. Send to security awareness training."

Ticket
"Screen is black on external monitor."
Not Intune Related.

"Is it powered on? Is it the right input? Is it plugged in? This is not endpoint management. This is cable management."

Ticket
"Battery drains fast after Intune enrolled device."
Maybe Intune / Adjacent.

"Could be policies, power settings, or the user streaming 4K cat videos. Correlation is not causation."

Ticket
"All users lost their Teams background."
Not Intune Related.

"A tragedy, but not an Intune tragedy. Unless you deployed a policy to delete fun. Then maybe."

Ticket
"Line-of-business app fails to install on 12 devices."
Definitely Intune.

"Assignment, dependency, requirement rule, detection rule, or the installer itself. Now we are playing real Intune."

Ticket
"User wants a pink wallpaper on all devices."
Not Intune Related.

"You technically can do this with Intune. But the question is: should you? No. No you should not."

Ticket
"VPN keeps disconnecting when the user leaves the building."
Not Intune Related.

"That is how Wi-Fi works. VPN is not a magical tether that follows you to the parking lot."