How to Fix ‘Managed by Intune’ in Co-managed Environments

A recent review in a co-managed Configuration Manager/Intune environment revealed several devices where the “Managed by” setting indicated Intune instead of Co-managed. Further investigation of the comanagementhandler.log file showed that the device provisioning state was marked as not provisioned.

Auto enrollment agent is initialized.
Discovery Data already sent on AAD Join 
Device is enrolled. 
Device is not provisioned
Send Comanagement Report after AAD Join if MDM Enrolled
Device is not provisioned

After opening a case with Microsoft, we discovered a simple solution. The MDM Bridge WMI Provider and the MDM_Client class MOF files need to be recompiled. 

mofcomp.exe "C:\Windows\System32\wbem\DMWMIBRIDGEPROV1.MoF"
mofcomp.exe "C:\Windows\System32\wbem\MDMSettingsProv.mof"

After recompiling the MOF files, we reset the Configuration Manager policy.

([wmiclass]'ROOT\ccm:SMS_Client').ResetPolicy(1)

We then forced the evaluation of the “CoMgmtSettingsProd” configuration baseline to speed things along.

$Displayname = "CoMgmtSettingsProd" 
$eval = Get-WmiObject -Namespace root\ccm\dcm -Class SMS_DesiredConfiguration | Where-Object {$_.DisplayName -eq $Displayname} 
Invoke-CimMethod -namespace root\ccm\dcm -classname SMS_DesiredConfiguration -MethodName TriggerEvaluation -Arguments @{"Name" = $eval.Name; "Version" = $eval.Version; "PolicyType" = $eval.PolicyType}

We monitored the comanagementhandler.log file. Eventually, the log indicated that the device had been successfully provisioned. After the computer sent its status to Intune, Intune correctly showed Managed by as Co-managed.
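
To find affected devices before remediating, and to confirm the result afterwards, the log check described above can be scripted. This is an added example, not code from the original post or from Microsoft: the function name, the CMTrace line layout, the sample lines, and the positive "Device is provisioned" wording are assumptions; only "Device is not provisioned" is quoted on this page.

```powershell
# Added example: report the most recent provisioning state found in comanagementhandler.log.
function Get-CoMgmtProvisioningState {   # hypothetical helper name
    [CmdletBinding()]
    param(
        # Log lines to inspect. On a client, pass the output of Get-Content for
        # comanagementhandler.log (assumed to be under $env:WinDir\CCM\Logs).
        [Parameter(Mandatory)]
        [AllowEmptyString()]
        [string[]]$Line
    )

    # Assumed CMTrace wrapper: <![LOG[message]LOG]!><time="HH:mm:ss.fff+off" date="MM-dd-yyyy" ...>
    $wrapped = '^<!\[LOG\[(?<msg>.*?)\]LOG\]!><time="(?<time>[\d:]+)[^"]*" date="(?<date>[\d-]+)"'

    $last = $null
    foreach ($l in $Line) {
        $msg  = $l.Trim()      # plain lines, as quoted in this post, are used as-is
        $when = $null
        if ($l -match $wrapped) {
            $msg  = $Matches['msg'].Trim()
            $when = [datetime]::ParseExact("$($Matches['date']) $($Matches['time'])",
                        'M-d-yyyy H:mm:ss', [cultureinfo]::InvariantCulture)
        }
        # The negative form is the text from this page; the positive form is an assumption.
        if ($msg -match '^Device is (not )?provisioned$') {
            $last = [pscustomobject]@{
                Provisioned = ($msg -notmatch '\bnot\b')
                Timestamp   = $when
                Message     = $msg
            }
        }
    }
    $last   # $null when the log holds no provisioning line at all
}

# Constructed sample lines (not taken from a real device).
$sample = @(
    '<![LOG[Device is enrolled.]LOG]!><time="09:14:02.117+300" date="01-15-2024" component="CoManagementHandler" context="" type="1" thread="4120" file="">'
    '<![LOG[Device is not provisioned]LOG]!><time="09:14:02.180+300" date="01-15-2024" component="CoManagementHandler" context="" type="1" thread="4120" file="">'
)
$result = Get-CoMgmtProvisioningState -Line $sample
if ($result -and -not $result.Provisioned) {
    "Not provisioned as of $($result.Timestamp): candidate for the MOF recompile"
}
```

Because the function returns only the last matching line, running it again after the baseline evaluation shows whether the state changed.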

