Troubleshooting Blog

6. User Authentication Issues Error: "Access denied" / SSH login failure. Cause: Expired password, wrong shell, bad SSH keys. Fix: passwd, usermod, check /var/log/secure. 7. Package Management Errors Error: Broken deps, missing repos. Cause: Corrupt repo, outdated cache. Fix: apt update/upgrade, yum clean all. 8. Kernel Panics / System Freezes Cause: Hardware driver issues, faulty modules, bad updates. Fix: Check /var/log/kern.log, update/rebuild kernel. 9. SELinux/AppArmor Denials Error: Service won't start despite correct perms. Cause: Mandatory access control blocks. Fix: audit2why, audit2allow, adjust SELinux policy. 10. Synchronization Issues Error: Logs out of order, Kerberos/SSL failures. Cause: NTP not running, drifted clock. Fix: timedatectl, systemctl restart chronyd/ntpd.

1. Disk Space Full Error: "No space left on device." Cause: Logs, core dumps, /tmp overflow. Fix: df -h, du -sh, clean /var/log. 2. High CPU/Memory Usage Error: System is slow, OOM kills. Cause: Runaway process, memory leak. Fix: top, ps aux, kill process, tune app. 3. Network Connectivity Issues Error: "Host unreachable" or DNS failures. Cause: Bad NIC config, firewall, DNS issues. Fix: ping, dig, ip addr, restart networking. 4. Service Startup Failures Error: "Failed to start service." Cause: Wrong config, port conflict, missing dep. Fix: systemctl status, journalctl -xeu. 5. File Permission Problems Error: "Permission denied." Cause: Wrong ownership, SELinux restrictions. Fix: ls -l, chmod, chown, getenforce.

→ Step 1: Prerequisites → Windows 10 version 1703 or later → Azure AD joined or Hybrid Azure AD joined → Microsoft Intune and Azure AD Premium licenses → Devices connected to internet during OOBE → OEM vendor supports Autopilot → Step 2: Enable Autopilot in Intune → Go to endpoint.microsoft.com → Navigate to Devices → Windows → Windows Enrollment → Autopilot → Select Devices → Import CSV with hardware hash → Devices listed in Autopilot devices → Step 3: Obtain Device Hardware Hash → Install-Script -Name Get-WindowsAutopilotInfo → Get-WindowsAutopilotInfo -OutputFile C:\HWID\DeviceID.csv → Upload CSV to Intune portal → Step 4: Create Deployment Profile → Go to Windows Enrollment → Deployment Profiles → Create Profile → Platform: Windows PC, Type: User-Driven → Convert all targeted devices to Autopilot = Yes → Optional: Skip privacy settings, EULA, etc. → Step 5: Assign Profile to Devices → Navigate to Windows Enrollment → Devices → Select devices → Assign Profile → Choose created deployment profile → Device syncs Autopilot profile during setup → Step 6: Create Dynamic Groups → Azure AD → Groups → New Group → Dynamic Device → Use rule: (device.devicePhysicalIDs -any _ -contains "[ZTDId]") → Automatically includes registered Autopilot devices → Step 7: Assign Apps & Policies → Go to Intune → Apps → Windows → Assign apps to Autopilot group → Go to Configuration Profiles → Assign device policies → Assign Wi-Fi, restrictions, compliance rules → Step 8: Enrollment Process → Device delivered to user with factory-installed Windows → On first boot + internet: pulls Autopilot profile → Device auto-enrolls into Intune and configures settings → User ready without IT involvement

$Username = "LocalAdmin" # Change to desired username $Password = ConvertTo-SecureString "Net@admin$1" -AsPlainText -Force # Replace with a secure password $Description = "Local Admin Account created via Intune" # Check if the user already exists if (-not (Get-LocalUser -Name $Username -ErrorAction SilentlyContinue)) { # Create the local user account New-LocalUser -Name $Username -Password $Password -FullName $Username -Description $Description -PasswordNeverExpires # Add the user to the Administrators group Add-LocalGroupMember -Group "Administrators" -Member $Username Write-Output "Local admin account '$Username' created and added to Administrators group." } else { Write-Output "Local admin account '$Username' already exists." } ➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖➖ ▪️ Log in to the Microsoft Intune Admin Center. ▪️Go to Devices > Scripts and remediations, then click the platform script Click + Add > Windows 10 and later. ▪️Name your script (example - custom Local Admin Account). ▪️Upload your .ps1 file (saved from the script above). ▪️In the Settings: 1. Run this script using the logged-on credentials: No 2. Enforce script signature check: No 3 .Run script in 64-bit PowerShell: Yes ▪️Assign to the correct device group. ▪️Click Next through the rest, then Create

INTUNE MANAGEMENT EXTENSION LOGS C: \ProgramData\Microsoft \IntuneManagementExtension\.ogs • IntuneManagementExtension.log: Main log for app deployment, script execution • AgentExecutor.log: Tracking script execution • Sensor.log: Endpoint Analytics data collection bgs • Scripts.log: Custom script execution via Intune EVENT VIEWER LOGS • Applications and Services Logs Logs > Microsoft > Windows > DeviceManagement-Enterprise-Diagnostics-Provider > Admin • Use for MOM policy deployment events and troubleshooting OM-IRI, CSP-based policies REGISTRY PATHS • HKEY_LOCAL_MACHNE\SOFTWARE\Microsoft\PolicyManager • HKEY_LOCAL_MACHNE\SOFTWARE\Microsoft\Enrollments • HKEY_LOCAL_MACHNE\SOFTWARE\Microsoft\ Enterprise DesktopAppManagement Useful for verifying policy application COMPANY PORTAL LOGS (IF USED) %localappdata%\Packages\Microsoft.CompanyPortal_Bwekyb3dBbbwe\LocalState\DiagOutputDir Troubleshoot issues with: • Enroliment, App availability: CompanPortal interactions TASK SCHEDULER Path: Task Scheduler -Pamcét > Windows > EnterpriseMgmt Check status for 'PushLaunch' if deployment hasn't triggereed

1. Identify the Error Code: - Note the error code displayed on the blue screen -> Search online for specific solutions for that error code and find root cause of the issue 2. Update Drivers: - Open Device Manager - Check for devices with yellow exclamation marks - Right-click these devices and select "Update driver" - Choose "Search automatically for drivers" 3. Run System File Checker: - Open Command Prompt as administrator - Type "sfc /scannow" and press Enter - Wait for the scan to complete 4. Check RAM Issues: - Press Win + R, type "mdsched.exe" and press Enter - Choose "Restart now and check for problems" - Let the memory diagnostic tool run

Method 1. "sfc /scannow" - built-in Windows utility that scans and repairs corrupted or damaged system files 2. "DISM /Online /Cleanup-Image /RestoreHealth" - scan and repair corrupted system files and registry entries in the online Windows installation - (used if SFC fails) 3. "chkdsk C: /f /r" - check the disk and file system on the C: drive for errors and corruption, and to repair or recover data as needed - when You encounter disk errors or corruption - when You suspect that your disk is failing or has bad sectors - when experience system crashes or freezes. 4. "net stop wuauserv" - used to stop the Windows Update service 5. "net stop bits" - used to stop the Background Intelligent Transfer Service (BITS). 6. "del %windir%SoftwareDistribution*.* /s /q" - Note: Deleting the SoftwareDistribution folder contents can cause Windows Update to re-download update files and re-configure the update process. This can take some time and may impact system performance. - Deletes corrupted Windows Update cache files 7. "net start wuauserv" - used to start the Windows Update service 8. "net start bits" - used to start the Background Intelligent Transfer Service (BITS). - BITS is a Windows service that facilitates the transfer of files between a client and a server. It is used by various Windows components, including: -Windows Update: BITS is used to download updates from Microsoft's update servers. - Windows Defender: BITS is used to download definition updates and other data.

1. Run the Network Troubleshooter: - Go to Settings -> System -> Troubleshoot -> Other troubleshooters -> Please Find "Network Adapter" and click "Run" - Follow the on-screen instructions 2. Reset Network Settings: - Go to Settings > Network & Internet > Advanced network settings - Find "Network reset" and click it - Click "Reset now" and follow prompts - Your PC will restart and network adapters will be reset 3. Update Network Drivers: - Right-click Start button and select "Device Manager" - Expand "Network adapters" - Right-click your network adapter and select "Update driver" - Choose "Search automatically for drivers" 4. Check for Windows Updates: - Go to Settings > Windows Update - Click "Check for updates" - Install any available updates 5. Disable VPN or Proxy: - Go to Settings > Network & Internet > VPN or Proxy - Temporarily disable any VPN or proxy services - Test your connection again