Introduction
I recently configured some custom profiles in Microsoft Intune, and it turned out that one of the policies failed hard on all devices. I had not seen this error before and went to search on the big internet for the error code to understand more about the return code.
I went to this website and the error says “the requested command is not allowed on the target”
All right, so I must have configured something wrong in my policy…
Let’s have a look!
Debug time
This is how the error looks like in Intune.
If we deep dive into the client’s event log we can better see what happens
(The event log can be found in Applications and Services Logs -> Microsoft -> Windows -> DeviceManagement-Enterprise-Diagnostics-Provider -> Admin)
MDM PolicyManager: Set policy int, Policy: (AllowTelemetry), Area: (System), EnrollmentID requesting set: (CAB662A0-E788-4DE5-B203-2240C4006957), Current User: (Device), Int: (0x2AFE388), Enrollment Type: (0x6), Scope: (0x0), Result:(0x86000011) Unknown Win32 Error code: 0x86000011.
We have discovered the problem. Now to the configuration in Microsoft Intune to see what we configured.
I have configured AllowTelemetry and set the Data type to a string.
To troubleshoot further I went to the registry of a device and searched for “AllowTelemetry” until I found this
Did you notice what I missed?
Yes, I had by accident set the custom profile to a “String” and not an “integer”, that’s why the policy cannot apply to the client.
I went back to Microsoft Intune and into the policy with error.
Deleted the old row and changed the data type to “Integer” and saved it.
Manually synced a client with the policy assigned and THEN the policy applied as supposed.
Jobs done!
This article was created to show how to debug such error.
To configure telemetry going forward you should use the Settings Catalog.
Summary
Microsoft Intune is very good at reporting back; however, it could have been a better error message to easier understand the issue without too much searching around.
Hope this helped you along with your troubleshooting.
Mattias Melkersen is a community driven and passionate modern workplace consultant with 20 years’ experience in automating software, driving adoption and technology change within the Enterprise. He lives in Denmark and works at Mindcore.
He is an Enterprise Mobility Intune MVP, Official Contributor in a LinkedIn group with 41.000 members and Microsoft 365 Enterprise Administrator Expert.
Mattias blogs, gives interview and creates a YouTube content on the channel "MSEndpointMgr" where he creates helpful content in the MEM area and interview MVP’s who showcase certain technology or topic.
Official Contributor here "Modern Endpoint Management":
https://www.linkedin.com/groups/8761296/