Generate & gather Windows 10 MDM client logs and diagnostics

This post has been republished via RSS; it originally appeared at: New blog articles in Microsoft Tech Community.

By Matt Shadbolt (@ConfigMgrDogs) | Senior Program Manager, Intune, Microsoft Endpoint Manager

 

When troubleshooting Windows 10 MDM in Microsoft Endpoint Manager, there's a handful of client logs and diagnostic information that are super helpful for the vast majority of situations.


Often, we'll go back-and-forth between support and our customers asking for pieces one-by-one. To make it a little easier for all involved, I've written a very simple PowerShell script that will gather a bunch of helpful info in one go.


It will generate a new MDMDiag report, dump PolicyManager from registry, export some event logs, and pull a bunch of DeviceManagement details including things like OS SKU and version information. It wraps all of this up into a ZIP file making it easy to dig a little deeper, or just send to us.

 

 

 

 

 

# # run me as a local admin, please # $regKeys = 'HKLM\Software\Microsoft\PolicyManager' $tempFolder = 'c:\temp\MEMLogs' $regOutput = 'c:\temp\MEMLogs\PolicyManager.reg' $timestamp = get-date -f yyyy-MM-dd-HHmmss # temp folder If(!$(Get-Item $tempFolder)) {mkdir $tempFolder } # reg file $regKeys | % {$i++ & reg export $_ "$tempFolder\$i.reg"} Get-Content "$tempFolder\*.reg" | ? {$_ -ne 'Windows Registry Editor Version 5.00'} | Add-Content $regOutput Remove-Item "$tempFolder\*.reg" -Exclude "PolicyManager.reg" # DM info Get-ChildItem -Path HKLM:SOFTWARE\Microsoft\Enrollments -Recurse | where{$_.Property -like "*UPN*"} | Out-File "$tempFolder\MDMRegistration.txt" Get-ChildItem -Path HKLM:SOFTWARE\Microsoft\Enrollments -Recurse | where{$_.Property -like "*EntDMID*"} | Out-File -Append "$tempFolder\MDMRegistration.txt" # event logs Copy-Item -Path "$env:SystemRoot\System32\Winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Admin.evtx" -Destination $tempFolder Copy-Item -Path "$env:SystemRoot\System32\Winevt\Logs\Microsoft-Windows-DeviceManagement-Enterprise-Diagnostics-Provider%4Operational.evtx" -Destination $tempFolder # computer info Get-ComputerInfo | Out-File "$tempFolder\$env:COMPUTERNAME.txt" # MDMDiag Start-Process MdmDiagnosticsTool.exe -Wait -ArgumentList "-out $tempFolder\MDMDiag.html" -NoNewWindow # compress & cleanup Get-Item -Path $tempFolder\*.* -Exclude "*.zip" | Compress-Archive -DestinationPath "$tempFolder\MEMLogs_$timestamp.zip" Remove-Item -Path $tempFolder\*.* -Exclude "*.zip"

 

 

 

 

 

 

It's certainly not anything ground breaking, but I hope you find it a little helpful while trying to troubleshoot Windows client issues. If there's anything else you often gather for troubleshooting, let me know and I'll add it to the script. 

 

 

Leave a Reply

Your email address will not be published. Required fields are marked *

*

This site uses Akismet to reduce spam. Learn how your comment data is processed.