Intune is a pretty neat system for managing PC’s when you don’t have access to a full System Center and/or you don’t have any other management systems in place. Frankly, I think it’s a great tool to use for small business, specially so when you use it to manage Microsoft Updates, Microsoft anti-virus and, possibly, your other software installs. I’d rather manage updates for a small network (say up to 25 ~ 30 users) via Intune than manage a local WSUS install.
But, as good as Intune can be, there are times when its agent can really mess up and then you have to do some work to fix things. Case in point: I fired up my laptop today after being offline for a few days. A minute or two after I logged in I received a weird message from Office about “uninstallation complete” and shortly after that my machine started to complain about not having and anti-virus program installed. I was surprised by that as we manage all of this through Intune.
I logged into our Intune Admin Portal and my machine was listed in the machine inventory in the portal but there were error conditions listed for the machine. On my machine, when I brought up the Windows Intune Center, it reported that Intune was not configured to install/maintain the anti-virus even though may machine was part of a group in our Intune Admin Portal that explicitly applies the Microsoft anti-virus to machines in the group and it would NOT apply updates even thought updates were listed as waiting for installation in the portal. Very curious …
In our Intune Portal I instructed the system to “Retire” my machine which is the recommended way to have Intune uninstall itself from your machine:
I did this and waited about 10 minutes. I then attempted to reinstall the Intune Agent on my machine but the install stopped and told my Intune was already installed. More curious because my machine no longer appeared in the machine inventory in the Admin Portal! NOTE: Make sure you only select the RETIRE portion and not the WIPE!
At this point I did some Googling and found a number of posts about how to “manually” uninstall the Intune Agent when things don’t go quite as planned with a “retirement”. I tried a few but everything I tried appeared to be tied to creating a scheduled job that would run the uninstaller and none of that worked for me. I then stumbled across a couple of posts that suggested using the following command at an elevated command prompt:
wmic product where “name like ‘%intune%’” call uninstall
Make note of the single and double quotes! Also note that it will run for a period of time and you will see at least two packages being uninstalled. But once the command runs you can be pretty well assured that the Intune Agent has been removed from your system. Once uninstalled you should reboot your machine then you can re-install the Intune Agent software and re-integrate your machine back into Intune.
I did all of this with my machine (Windows 8.1 Update 1) and Intune (and anti-virus) are now back in place; machine is updating as I type this and all is good again in Intune land. I have no good idea as to why the Intune Agent on my machine and the Intune backend decided that they didn’t like each other; it seems that we had a few machines in our office go a bit strange at about the same time. Louis has speculated that it may have had something to do with some changes in our O365 and that is fair comment as Intune and O365 do have a loose integration. But, whatever the reason, performing the retire in the portal and the wmic command on my local machine definitely allowed me to reinstall Intune cleanly and get back on board with anti-virus and Microsoft Updates.