Following recent discussions about Win32 apps, this article shifts the focus to the Intune Management Extension (IME) and its crucial role in maintaining system health. The IME, integral for installing Win32 apps, executing PowerShell scripts, and conducting inventories, requires consistent functioning. To ensure this, the Intune Management Extension Health Evaluation plays a vital role, mainly by performing systematic checks on the IME service.

Beginning with the Scheduled Task The IME client health check originates from a scheduled task created during the IME installation. This task runs daily with a randomized one-hour delay, executing the file located at C:\Program Files (x86)\Microsoft Intune Management Extension\ClientHealthEval.exe. This executable, along with its configuration file, oversees the health check process. The generated logs, stored in the standard IME log directory, provide detailed insights from both the ClientHealth component, focusing on the actual checks, and the IntuneManagementExtension component, detailing more generic tasks.

Delving into the Client Health Checks To understand the IME client health check thoroughly, one can analyze the ClientHealthEval.exe using tools like JetBrains dotPeek. This reveals the HealthCheck.xml file at the core of the process, which details all the necessary checks. These rules, well-described within the XML file, include their remediation actions.

The key checks comprise:

  1. Verifying the Existence of the IME Service: This initial check confirms the presence of the IME service and has no specified remediation process.
  2. Checking and Correcting IME Service Startup Type: This rule ensures the IME service’s startup type is correct and adjusts it if necessary.
  3. Verifying and Remedying IME Service Status: This check monitors the service status and makes corrections as required.
  4. Monitoring and Managing IME Memory Usage: The final check oversees the memory usage of the IME service and restarts the service if it exceeds the set threshold.

The progress and outcomes of these checks are recorded in the ClientHealth.log, based on their unique IDs and names.

Reporting the Client Health Checks Upon completion, the health check results are aggregated in the HealthReport.json file. This report includes the status of each rule and is then sent to Microsoft Intune for analysis and record-keeping.

This methodical approach ensures continuous monitoring and maintenance of the IME, supporting the effective operation of essential services within the Microsoft Intune ecosystem.

For the complete article by Peter van der Woude: