Patch My PC Blog
Get expert insights, how-to guides, product updates, and best practices for streamlining patch management, improving endpoint security, and optimizing IT operations.
When Autopatch Client Broker runs as a blocking app during Autopilot Pre Provisioning, one small Environment check can take down the MSI. Windows already removed the TenantInfo, the custom action still expects it, and ESP ends with 1603.
The Company Portal suddenly started failing during Autopilot pre provisioning with error 0x87D1041C, even though the app was already present on the device. We traced the issue back to a Windows change introduced with the May update and confirmed the fix after Microsoft reverted the rollout.
The IME does a lot more than most people think. This post is about automating Intune Management Extension Release Notes, so every new version shows what changed instead of leaving us guessing.
The Intune portal can show a fresh Last check in even when the MDM certificate on the device has already expired. That timestamp only proves the device was able to touch the service. It does not prove that policy sync, app delivery, or real management is still working.
Download IntuneWin files from Microsoft Intune with the rebuilt IntuneWin Downloader. This version makes it easier to find assigned Win32 apps and recover the original app content when the source files are no longer available.
Maintenance Window Settings Catalog briefly showed up in the Intune In development documentation and was later pulled back. The Settings Catalog experience is no longer listed, but the Windows Update CSP still exposes the maintenance window policy settings.
Controlled Configuration for Microsoft Defender antivirus settings is coming. Microsoft describes it as an extension of Tamper Protection, with Intune taking control of Defender policy enforcement.
A missing Autopilot profile often makes Windows show the full OOBE flow again. That looks like the device was not recognized as corporate, but the profile only controls the setup experience. The real ownership check happens later, when Intune evaluates the device identity and ZTDID during enrollment.
Windows 11 hotpatch updates can reduce reboots, but they do not move every part of Windows forward at the same pace. Microsoft has now confirmed the reset issue, while Secure Boot still depends on the baseline path.