Microsoft Intune is a cloud-based service that allows you to remotely manage the use of devices in your company. This includes smartphones, tablets, and laptops, as well as desktops. When a Windows 10 computer connects to an organization, policies are applied to the user and the device. This means that if your Windows 10 device fails to sync with Intune after logging in, this article will help you troubleshoot the issue.
The sync problem reportedly varies randomly from two minutes to two days. Even when you run a manual sync on the device or through the Intune Azure portal, the sync doesn’t start. In fact, the Windows client doesn’t even generate logs for it, making it difficult to identify.
What is the reason Microsoft Intune doesn’t sync?
Enterprise Mobility + Security disabled: If Enterprise Mobility + Security is disabled, this may be the cause of an ongoing problem with Microsoft Intune.
The device is registered to more than one organization: If the device is registered to more than one organization, Microsoft Intune may not sync with one account.
Firewall system port 444 is closed: Microsoft Intune uses firewall port 444 to communicate with its servers. If port 444 is closed, it can cause synchronization problems.
How do I fix a Microsoft Intune synchronization problem?
Unregistering the device from other organizations
The “Cannot start synchronization” error may also be due to users’ devices being registered with multiple organizations.
- To resolve this issue, click the Start button.
- Click the Settings button on the Windows 10 Start menu.
- Select Accounts in Settings.
- On the left side of the Settings window, click Access to work or school.
- If the machine is connected to another organization, select the account specified for it.
- Then click the Logout button for the selected account.
- Users should now have an organizational account for Intune.
Verify that Enterprise Mobility + Security E3 is enabled
Some users have solved the Intune synchronization problem by enabling Enterprise Mobility + Security E3 in the Office 365 admin portals.
- To check whether Enterprise Mobility is enabled for a particular user, administrative users should log in to their Office 365 portals.
- Select the user account for which the synchronization error occurred.
- Click the Edit button for the product licenses.
- Then enable Enterprise Mobility + Security E3 if it is not enabled.
- Users will then have to reboot the affected device to sync it again. Open the Settings app in Windows 10.
- Then click on Work or School Access and re-sync the device from there.
Opening port 444
Some users have eliminated the “Could not initiate sync” error by opening port 444 for devices registered to Azure AD, which may be blocked in some organizations.
- To open the port, press the Windows + S shortcut.
- Type “Windows Defender Firewall” as a search term.
- Click on Windows Defender Firewall with Advanced Security to open the window.
- Right-click Incoming Rules on the left side of the window to select New Rules.
- Select Ports and click Next.
- Select the TCP or UDP protocol option for your port.
- Then enter the port number 444 in the Specific local ports field.
- Select the Allow Connection option.
- Click Next to open the profile options.
- Click Next again and enter the name of the firewall rule.
- Click Finish.
Frequently Asked Questions
Select Accounts. Select Work Access, then select the organization to which you are subscribed. Additional buttons should appear at this point. Click the Sync button to synchronize the policy with Intune. You can click the About button for more information about the synchronization action.
This process usually takes less than 5 minutes. However, if the device does not register for the new policy, Intune will try to notify it 3 more times.
Open the Enterprise Portal app and go to "My Devices" - click on the Android or iOS device you are using and click on the "Verify Compliance" link. This will initiate the new policy to sync with Intune and internally check your iOS or Android device for compliance.
Go back to Intune and click "Save." Once you click the `Save' button, the `Sync' button will turn blue. Click the `Sync` button to sync MSfB applications with Intune. Wait a few minutes, then go back to "Applications", the application will now be added to the list.