Intune based deployment and provisioning delays |
Post Reply |
Author | |
RickestRick
Newbie Joined: 05 Jul 2022 Location: UK Status: Offline Points: 5 |
Post Options
Thanks(0)
Posted: 05 Jul 2022 at 10:19am |
Hi there, We are currently testing the corporate edition for a Hybrid join to AADJ migration for the remaining devices we have that are not fully AP+AADJ provisioned. We have the User Profile Migration tool packaged and deploying via Intune at present, which is working well on initial tests. What we are struggling with is the delay in time after the completion of the wizard process when the provisioning package carries out the actual removal and rejoin to AAD, which seems to be a significate amount of time and can require multiple reboots, which isn't ideal. Has anyone experienced the same or found ways to improve efficiencies at all in this area or are we doing something incorrectly? Thanks! |
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1844 |
Post Options
Thanks(0)
|
Hi,
User Profile Wizard will unjoin the computer from the on prem domain and then install the Provisioning Package at the end of the migration process (just before the first reboot). As you know, after this reboot, this is when Windows will join the computer to the domain, and why the 'Other User' option is not there immediately on first boot. In our tests, we see that the 'Other User' option does occur after a period of time, but we've also seen that if the computer is rebooted again (after giving it enough time to join Azure), the Other User option is there immediately on next reboot. Are you seeing different behaviour? Support.
|
|
RickestRick
Newbie Joined: 05 Jul 2022 Location: UK Status: Offline Points: 5 |
Post Options
Thanks(0)
|
Hi there, Thanks for the quick response. Yes so currently we land on the login screen with an option to use a local admin etc. if we log in under that account the logs verify the migration is complete but despite multiple reboots of the device the other user option doesn't appear unfortunately. We are having to leave the devices for a period of time before running the reboots as well, since carrying them out shortly after completion isn't helping. Are their any post migration follow-on processes we could script to alleviate this at all perhaps? We have a global userbase who are not office based so the steps need to implement with minimal interaction ideally. Thanks!
|
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1844 |
Post Options
Thanks(0)
|
Hi, If the computer is not joining AzureAD after the profile migration, it sounds like there could be a problem with the Provisioning Package; Does the User Profile Wizard migration log report 'Calling Provisioning Package... Done' ? Do you know if the Provisioning Package is working? You can run the PPKG manually on a computer on its own as a test to prove that, and you may find additional information in the Event Viewer or logs; You should be able to see entries in the Event Log to help identify what the problem is with the Provisioning Package under; Applications and Services Logs > Microsoft > Windows > User Device Registration > Admin If the Provisioning Package is actually failing to install, there is an additional log at C:\ProgramData\ForensiT\Logs\ProvisioningPackage.log. Support.
|
|
RickestRick
Newbie Joined: 05 Jul 2022 Location: UK Status: Offline Points: 5 |
Post Options
Thanks(0)
|
Hi, Yep, so the Calling Provisioning Package... Done step completes and there are no errors logged in the ProvisioningPackage.log. There are a few warnings in the User Device Registration in event viewer but they clear up and provisioning is occuring - it seems that the multiple reboots do eventually clear the issue. Unfortuntely we aren't able to replicate the issue when running the package manually - no reboots are required at all, it is only when running as part of the whole process that the problem is seen. Thanks
|
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1844 |
Post Options
Thanks(0)
|
Hi,
Have you seen this on more than one computer? Do the event viewer entries give you any indication as to what the issue is / was? At the end of the profile migration process, User Profile Wizard installs the Provisioning Package using the PowerShell cmdlet Install-ProvisioningPackage packagename.ppkg -ForceInstall How did you install the Provisioning Package when you tested manually, did you use the above PowerShell cmdlet or did you add the package via Settings? We've never seen any differences between User Profile Wizard installing the package, and it being installed manually via the PowerShell cmdlet, as it's the same process. Many thanks,
|
|
RickestRick
Newbie Joined: 05 Jul 2022 Location: UK Status: Offline Points: 5 |
Post Options
Thanks(0)
|
Hi, Sorry for the delayed response! We have actually resolved the issue now by changing some elements of the deployment and script :) The
only small problem we have now is that the machine flag file doesn't
ever seem to get created when deploying via Intune, which results in the
app being detected as failed etc. Is there anything obvious that we may be missing? Thanks! |
|
Support
Moderator Group Joined: 09 Nov 2006 Location: United Kingdom Status: Offline Points: 1844 |
Post Options
Thanks(0)
|
Hi,
The Migration Flag file is created and checked for in the Migration PowerShell script. Could you have modified the script so that it is no longer created, or perhaps you aren't using the migration script at all? If you are still having a problem, please contact us at support@forensit.com. Support.
|
|
Post Reply | |
Tweet
|
Forum Jump | Forum Permissions You cannot post new topics in this forum You cannot reply to topics in this forum You cannot delete your posts in this forum You cannot edit your posts in this forum You cannot create polls in this forum You cannot vote in polls in this forum |