Back to all tools
OtherTroubleshooting

Intune Win32 Retry Reset Script

PowerShell tool for Microsoft Intune that forces an immediate retry of a failed Win32 app deployment by clearing the local IME state for the target AppId and restarting the Intune Management Extension service. It does not uninstall the app or modify files; it only resets local Intune state to bypass the Global Re-evaluation Schedule (GRS) and prompt another install attempt. Includes a WhatIf preview and logs to C:\ProgramData\IME-DeepReset-<AppId>.log.

Created by

Security Analysis

6of 6
All Checks Passed

1 files scanned on Jul 12, 2026

No Obfuscated Code
No Remote Execution
No Credential Theft
No Data Exfiltration
No Malicious Patterns
No Hardcoded Secrets
AI Analysis

The code is a destructive admin utility designed to locate and delete IME-related registry traces for a given Win32 AppId and then restart the IntuneManagementExtension service. It does not perform remote code execution, credential harvesting, data exfiltration, or obfuscated behavior. However, its registry-wide deletion capability poses a real risk of unintentionally disrupting Intune functionality. The tool includes ShouldProcess/WhatIf for safety, but operators should enforce strict input validation, explicit approvals, and targeted scope to minimize blast radius.

You might also like

Other

GIST - Gist Intune Script Trigger

GIST - Gist Intune Script Trigger is a compact collection of PowerShell scripts for diagnosing and troubleshooting Intune devices. It features a menu-driven interface accessible via a simple one-liner (iwr gist.ittips.ch | iex) and supports direct gist IDs for quick runs. The scripts require no parameters, have no external dependencies, and prioritize safety by not altering system settings.

MariusMarius +1
Other

IntuneNetworkRequirements

The Intune Network Requirements PowerShell tool is a comprehensive script designed to validate whether all required Microsoft Intune and related service endpoints are reachable from a given network. It performs layered tests, including DNS resolution, TCP/UDP connectivity, HTTP/S responses, TLS/SSL validation, and optional CRL verification, to detect issues such as blocked ports, incorrect routing, proxy or TLS interception, and missing endpoint access.

Martin HimkenMartin Himken
Other

macOS Defender Check

macOS Defender Check is a testing toolkit for Microsoft Defender for Endpoint on macOS. It validates MDE installation and health, tests Tamper Protection and Web Protection across multiple browsers, and supports custom URL indicators with CSV import. The suite produces detailed logs and CSV reports to aid pre- and post-deployment validation, troubleshooting, and compliance auditing.

Niklas BruhnNiklas Bruhn
Desktop App

IntuneLogWatch

IntuneLogWatch is a macOS application for analyzing Microsoft Intune logs and delivering human-readable insights. It converts raw log data into understandable summaries, highlighting trends and issues for IT admins. Designed to simplify troubleshooting and ongoing monitoring of Intune deployments with clear, actionable information.

Gil BurnsGil Burns