Force Intune settings sync on computers [2024]

Default intervals

Default refresh intervals for policies and compliance checks

Intune sends a notification to the device to check in with the service. The timing of these notifications can vary, ranging from immediately to several hours. The frequency of these notifications can also differ depending on the platform.

Platform	Refresh cycle
iOS/iPadOS	About every 8 hours
macOS	About every 8 hours
Android	About every 8 hours
Windows 10/11 PCs enrolled as devices	About every 8 hours
Windows 8.1	About every 8 hours

If the device doesn't check in to receive the policy or profile after the initial notification, Intune will attempt to notify the device three more times. If the device is offline, such as if it is powered off or not connected to a network, it may not receive these notifications. In this case, the device will receive the policy or profile during its next scheduled check-in with the Intune service. This also applies to checks for non-compliance, including situations where a device moves from a compliant to a non-compliant state.

If devices have recently enrolled, then compliance, non-compliance, and configuration checks will occur more frequently. The frequency of these checks is roughly as follows:

Platform	Refresh cycle
iOS/iPadOS	Every 15 minutes for 1 hour, and then around every 8 hours
macOS	Every 15 minutes for 1 hour, and then around every 8 hours
Android	Every 3 minutes for 15 minutes, then every 15 minutes for 2 hours, and then around every 8 hours
Windows 10/11 PCs enrolled as devices	Every 3 minutes for 15 minutes, then every 15 minutes for 2 hours, and then around every 8 hours
Windows 8.1	Every 3 minutes for 15 minutes, then every 15 minutes for 2 hours, and then around every 8 hours

Default refresh interval for Win32 applications and scripts

The deployment of PowerShell scripts or Win32 applications (.exe via intunewin) follows its own schedule, occurring every 60 minutes.

The Intune management extension agent checks after every reboot for any new scripts or changes.

Once the script executes, it doesn't execute again unless there's a change in the script or policy.

If the script fails, the Intune management extension agent retries the script three times for the next three consecutive Intune management extension agent check-ins.

For policies, check the keys Results et Download Count in HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IntuneManagementExtension\Policies\UserGUID\policyGUID

For Win32Apps and scripts, check : HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\IntuneManagementExtension\Win32Apps\UserGUID\ScriptGUID

To get guid for an app/script, use C:\ProgramData\Microsoft\IntuneManagementExtension\Logs

Force the synchronization to Intune

When you worked with on-premise environments, like Active Directory, you often use some commands to force the configuration applying on computers.

For example, in an AD, you use to run gpupdate, but, what is the gpupdate in Intune ?

You should know that even with the execution of these commands, it may take between 8 and 24 hours for everything to be applied.

There are other methods like Intune portal, via Company Portal, via Settings. However they are not shown here because the command line method is preferred in this article.

On the computer run Powershell as admin an execute:

Get-ScheduledTask 'PushLaunch' | Start-ScheduledTask

If you deploy Win32 applications (.exe via intunewin) or PowerShell scripts you also have to restart the Microsoft Intune Management Extension service. There are several methods:

# Method 1 : restart the service (admin)
Restart-Service 'IntuneManagementExtension'

# Méthode 3 : sync command with PowerShell object (admin)
$shell = New-Object -ComObject Shell.Application
$shell.open("intunemanagementextension://syncapp")

# Method 3 : use the sync command from run/Win+R (admin) - does not always work
intunemanagementextension:syncapp

Clap