Easily check required connectivity for Intune from within a customer network

April 18, 2024 Joymalya Basu Roy General, Microsoft Intune 2

For people working with Intune and Windows/Autopilot/Windows Modern Management in customer projects, you would agree with me when I say that many times, it is the customer network that brings to us the biggest hurdle/roadblock/challenge to overcome, and that is, regarding the connectivity to the different required URLs being blocked by proxy/firewall.

The scene that follows is usually a chain of emails going back and forth between us and the representatives of the customer network team that goes on for days just on the subject of whitelisting required URLs.

To manage devices behind firewalls and proxy servers, you must ensure seamless communication between the managed devices and Intune (outbound).

For this, Microsoft has the required endpoint URLs for Microsoft Intune service already listed here https://learn.microsoft.com/en-us/mem/intune/fundamentals/intune-endpoints?WT.mc_id=M365-MVP-5004140&tabs=north-america that needs to be whitelisted.

Further, Intune requires unauthenticated proxy server access to ‘manage.microsoft.com‘, ‘*.azureedge.net‘, and ‘graph.microsoft.com‘. Also, SSL traffic inspection is not supported for ‘manage.microsoft.com‘, ‘dm.microsoft.com‘, and the Device Health Attestation (DHA) endpoints.

But even after the networking team reverts with an answer that all the required URLs have been whitelisted, you will often find that connectivity is still broken. And this is mostly because the network team trying to play smart. In such cases, you need to respond with proof to get the proper whitelisting done.

But how do you get that proof?

There is this script Test-DeviceRegConnectivity.ps1 available from GitHub that helps to test the Internet connectivity to the following Microsoft resources under the system context to validate the connection status between the device and Microsoft resources that are used during the device registration process:

  •     https://login.microsoftonline.com
  •     https://device.login.microsoftonline.com
  •     https://enterpriseregistration.windows.net

But this is limited to the above set of URLs only and does not really test connectivity for all the required and dependency service endpoints for Intune. The only other script that I could get my hands on to from extensive googling was this one Test-MicrosoftEndpointNetworks.ps1.

This one, as expected from Mattias, covers all the required test areas and thus includes the required endpoints for Intune and other dependency services. However, with the endpoint URLs subjected to connectivity check in the script being hardcoded, it requires an effort for script maintenance as and when anything changes from the MS end.

So I was in search of something, in theory, that could fetch the latest set of URLs related to the service that are required to establish the connectivity test, thus negating the manual script maintenance effort.

Luckily enough, Microsoft does provide a REST-based web service, the Office 365 Endpoint service, an API to which we can invoke a RESTful web request to retrieve the service endpoint URLs and IPs.

(invoke-restmethod -Uri ("https://endpoints.office.com/endpoints/WorldWide?ServiceAreas=MEM`&`clientrequestid=" + ([GUID]::NewGuid()).Guid)) | ?{$_.ServiceArea -eq "MEM" -and $_.urls} | select -unique -ExpandProperty urls

From here, I created the below script with which you can easily test the required connectivity check from within a customer network to see which required endpoints are reachable and which are not.

<#
Script Name: Test-IntuneConnectivity.ps1
Author: Joymalya Basu Roy

DESCRIPTION
The script is created based on the Microsoft 365 IP Address and URL web service (https://aka.ms/ipurlws). 
A REST API call is made to the Worldwide instance to obtain the latest endpoint URLs 
for Service Area "MEM" and then check connectivity to those endpoint URLs from the client.

PARAMETERS
n/a

PREREQUISITES
PS script execution policy: Bypass
PowerShell 3.0 or later
Does not require elevation
#>

Function Get-ProxySettings {
    # Check Proxy settings
    Write-Host "Checking winHTTP proxy settings..." -ForegroundColor Yellow
    $ProxyServer = "NoProxy"
    $winHTTP = netsh winhttp show proxy
    $Proxy = $winHTTP | Select-String server
    $ProxyServer = $Proxy.ToString().TrimStart("Proxy Server(s) :  ")

    if ($ProxyServer -eq "Direct access (no proxy server).") {
        $ProxyServer = "NoProxy"
        Write-Host "Access Type : DIRECT"
    }

    if ( ($ProxyServer -ne "NoProxy") -and (-not($ProxyServer.StartsWith("http://")))) {
        Write-Host "Access Type : PROXY"
        Write-Host "Proxy Server List :" $ProxyServer
        $ProxyServer = "http://" + $ProxyServer
    }
    return $ProxyServer
}

Function Get-M365CommonEndpointList {
    # Get up-to-date URLs
    $endpointListM365 = (invoke-restmethod -Uri ("https://endpoints.office.com/endpoints/WorldWide?ServiceAreas=Common`&clientrequestid=" + ([GUID]::NewGuid()).Guid)) | Where-Object { $_.ServiceArea -eq "Common" -and $_.urls }

    # Create categories to better understand what is being tested
    [PsObject[]]$endpointListCategoriesM365 = @()
    $endpointListCategoriesM365 += [PsObject]@{id = 56; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 59; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 78; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 83; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 84; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 125; category = 'M365 Common'; mandatory = $true }
    $endpointListCategoriesM365 += [PsObject]@{id = 156; category = 'M365 Common'; mandatory = $true }
    
    # Create new output object and extract relevant test information (ID, category, URLs only)
    [PsObject[]]$endpointRequestListM365 = @()
    for ($i = 0; $i -lt $endpointListM365.Count; $i++) {
        $endpointRequestListM365 += [PsObject]@{ id = $endpointListM365[$i].id; category = ($endpointListCategoriesM365 | Where-Object { $_.id -eq $endpointListM365[$i].id }).category; urls = $endpointListM365[$i].urls; mandatory = ($endpointListCategoriesM365 | Where-Object { $_.id -eq $endpointListM365[$i].id }).mandatory }
    }

    # Remove all *. from URL list (not useful)
    for ($i = 0; $i -lt $endpointRequestListM365.Count; $i++) {
        for ($j = 0; $j -lt $endpointRequestListM365[$i].urls.Count; $j++) {
            $targetUrl = $endpointRequestListM365[$i].urls[$j].replace('*.', '')
            $endpointRequestListM365[$i].urls[$j] = $targetURL
        }
        $endpointRequestListM365[$i].urls = $endpointRequestListM365[$i].urls | Sort-Object -Unique
    }
    
    return $endpointRequestListM365
}

Function Get-IntuneEndpointList {
    # Get up-to-date URLs
    $endpointList = (invoke-restmethod -Uri ("https://endpoints.office.com/endpoints/WorldWide?ServiceAreas=MEM`&clientrequestid=" + ([GUID]::NewGuid()).Guid)) | Where-Object { $_.ServiceArea -eq "MEM" -and $_.urls }

    # Create categories to better understand what is being tested
    [PsObject[]]$endpointListCategories = @()
    $endpointListCategories += [PsObject]@{id = 163; category = 'Global'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 164; category = 'Delivery Optimization'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 165; category = 'NTP Sync'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 169; category = 'Windows Notifications & Store'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 170; category = 'Scripts & Win32 Apps'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 171; category = 'Push Notifications'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 172; category = 'Delivery Optimization'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 173; category = 'Autopilot Self-deploy'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 178; category = 'Apple Device Management'; mandatory = $false }
    $endpointListCategories += [PsObject]@{id = 179; category = 'Android (AOSP) Device Management'; mandatory = $false }
    $endpointListCategories += [PsObject]@{id = 181; category = 'Remote Help'; mandatory = $false }
    $endpointListCategories += [PsObject]@{id = 182; category = 'Collect Diagnostics'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 186; category = 'Microsoft Azure attestation - Windows 11 only'; mandatory = $true }
    $endpointListCategories += [PsObject]@{id = 187; category = 'Android Remote Help'; mandatory = $false }
    $endpointListCategories += [PsObject]@{id = 188; category = 'Remote Help GCC Dependency'; mandatory = $false }
    $endpointListCategories += [PsObject]@{id = 189; category = 'Feature Flighting'; mandatory = $false }
    
    # Create new output object and extract relevant test information (ID, category, URLs only)
    [PsObject[]]$endpointRequestList = @()
    for ($i = 0; $i -lt $endpointList.Count; $i++) {
        $endpointRequestList += [PsObject]@{ id = $endpointList[$i].id; category = ($endpointListCategories | Where-Object { $_.id -eq $endpointList[$i].id }).category; urls = $endpointList[$i].urls; mandatory = ($endpointListCategories | Where-Object { $_.id -eq $endpointList[$i].id }).mandatory }
    }

    # Remove all *. from URL list (not useful)
    for ($i = 0; $i -lt $endpointRequestList.Count; $i++) {
        for ($j = 0; $j -lt $endpointRequestList[$i].urls.Count; $j++) {
            $targetUrl = $endpointRequestList[$i].urls[$j].replace('*.', '')
            $endpointRequestList[$i].urls[$j] = $targetURL
        }
        $endpointRequestList[$i].urls = $endpointRequestList[$i].urls | Sort-Object -Unique
    }
    
    return $endpointRequestList
}

Function Test-DeviceIntuneConnectivity {
    
    $ErrorActionPreference = 'SilentlyContinue'
    $TestFailed = $false
    $ProxyServer = Get-ProxySettings
    $endpointListM365Common = Get-M365CommonEndpointList
    $endpointListIntune = Get-IntuneEndpointList
    $failedEndpointList = @{}

    Write-Host "Starting Connectivity Check..." -ForegroundColor Yellow

    foreach ($endpoint in $endpointListM365Common) 
    {        
        if ($endpoint.mandatory -eq $true) 
        {  
            Write-Host "Checking Category: ..." $endpoint.category -ForegroundColor Yellow
            foreach ($url in $endpoint.urls) {
                if ($ProxyServer -eq "NoProxy") 
                {
                    $TestResult = (Invoke-WebRequest -uri $url -UseBasicParsing).StatusCode
                }
                else 
                {
                    $TestResult = (Invoke-WebRequest -uri $url -UseBasicParsing -Proxy $ProxyServer).StatusCode
                }
                if ($TestResult -eq 200) 
                {
                    if (($url.StartsWith('approdimedata') -or ($url.StartsWith("intunemaape13") -or $url.StartsWith("intunemaape17") -or $url.StartsWith("intunemaape18") -or $url.StartsWith("intunemaape19")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for Asia & Pacific tenants only)." -ForegroundColor Green 
                    }
                    elseif (($url.StartsWith('euprodimedata') -or ($url.StartsWith("intunemaape7") -or $url.StartsWith("intunemaape8") -or $url.StartsWith("intunemaape9") -or $url.StartsWith("intunemaape10") -or $url.StartsWith("intunemaape11") -or $url.StartsWith("intunemaape12")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for Europe tenants only)." -ForegroundColor Green 
                    }
                    elseif (($url.StartsWith('naprodimedata') -or ($url.StartsWith("intunemaape1") -or $url.StartsWith("intunemaape2") -or $url.StartsWith("intunemaape3") -or $url.StartsWith("intunemaape4") -or $url.StartsWith("intunemaape5") -or $url.StartsWith("intunemaape6")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for North America tenants only)." -ForegroundColor Green 
                    }
                    else {
                        Write-Host "Connection to " $url ".............. Succeeded." -ForegroundColor Green 
                    }
                }
                else 
                {
                    $TestFailed = $true
                    if ($failedEndpointList.ContainsKey($endpoint.category)) {
                        $failedEndpointList[$endpoint.category] += $url
                    }
                    else {
                        $failedEndpointList.Add($endpoint.category, $url)
                    }
                    if (($url.StartsWith('approdimedata') -or ($url.StartsWith("intunemaape13") -or $url.StartsWith("intunemaape17") -or $url.StartsWith("intunemaape18") -or $url.StartsWith("intunemaape19")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for Asia & Pacific tenants only)." -ForegroundColor Red 
                    }
                    elseif (($url.StartsWith('euprodimedata') -or ($url.StartsWith("intunemaape7") -or $url.StartsWith("intunemaape8") -or $url.StartsWith("intunemaape9") -or $url.StartsWith("intunemaape10") -or $url.StartsWith("intunemaape11") -or $url.StartsWith("intunemaape12")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for Europe tenants only)." -ForegroundColor Red 
                    }
                    elseif (($url.StartsWith('naprodimedata') -or ($url.StartsWith("intunemaape1") -or $url.StartsWith("intunemaape2") -or $url.StartsWith("intunemaape3") -or $url.StartsWith("intunemaape4") -or $url.StartsWith("intunemaape5") -or $url.StartsWith("intunemaape6")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for North America tenants only)." -ForegroundColor Red 
                    }
                    else {
                        Write-Host "Connection to " $url ".............. Failed." -ForegroundColor Red 
                    }
                }
            }
        }
        else 
        {
            #Write-Host "Skipping Category: ..." $endpoint.category -ForegroundColor Yellow
        }
    }

    foreach ($endpoint in $endpointListIntune) 
    {        
        if ($endpoint.mandatory -eq $true) 
        {
            Write-Host "Checking Category: ..." $endpoint.category -ForegroundColor Yellow
            foreach ($url in $endpoint.urls) {
                if ($ProxyServer -eq "NoProxy") {
                    $TestResult = (Invoke-WebRequest -uri $url -UseBasicParsing).StatusCode
                }
                else {
                    $TestResult = (Invoke-WebRequest -uri $url -UseBasicParsing -Proxy $ProxyServer).StatusCode
                }
                if ($TestResult -eq 200) {
                    if (($url.StartsWith('approdimedata') -or ($url.StartsWith("intunemaape13") -or $url.StartsWith("intunemaape17") -or $url.StartsWith("intunemaape18") -or $url.StartsWith("intunemaape19")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for Asia & Pacific tenants only)." -ForegroundColor Green 
                    }
                    elseif (($url.StartsWith('euprodimedata') -or ($url.StartsWith("intunemaape7") -or $url.StartsWith("intunemaape8") -or $url.StartsWith("intunemaape9") -or $url.StartsWith("intunemaape10") -or $url.StartsWith("intunemaape11") -or $url.StartsWith("intunemaape12")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for Europe tenants only)." -ForegroundColor Green 
                    }
                    elseif (($url.StartsWith('naprodimedata') -or ($url.StartsWith("intunemaape1") -or $url.StartsWith("intunemaape2") -or $url.StartsWith("intunemaape3") -or $url.StartsWith("intunemaape4") -or $url.StartsWith("intunemaape5") -or $url.StartsWith("intunemaape6")))) {
                        Write-Host "Connection to " $url ".............. Succeeded (needed for North America tenants only)." -ForegroundColor Green 
                    }
                    else {
                        Write-Host "Connection to " $url ".............. Succeeded." -ForegroundColor Green 
                    }
                }
                else {
                    $TestFailed = $true
                    if ($failedEndpointList.ContainsKey($endpoint.category)) {
                        $failedEndpointList[$endpoint.category] += $url
                    }
                    else {
                        $failedEndpointList.Add($endpoint.category, $url)
                    }
                    if (($url.StartsWith('approdimedata') -or ($url.StartsWith("intunemaape13") -or $url.StartsWith("intunemaape17") -or $url.StartsWith("intunemaape18") -or $url.StartsWith("intunemaape19")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for Asia & Pacific tenants only)." -ForegroundColor Red 
                    }
                    elseif (($url.StartsWith('euprodimedata') -or ($url.StartsWith("intunemaape7") -or $url.StartsWith("intunemaape8") -or $url.StartsWith("intunemaape9") -or $url.StartsWith("intunemaape10") -or $url.StartsWith("intunemaape11") -or $url.StartsWith("intunemaape12")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for Europe tenants only)." -ForegroundColor Red 
                    }
                    elseif (($url.StartsWith('naprodimedata') -or ($url.StartsWith("intunemaape1") -or $url.StartsWith("intunemaape2") -or $url.StartsWith("intunemaape3") -or $url.StartsWith("intunemaape4") -or $url.StartsWith("intunemaape5") -or $url.StartsWith("intunemaape6")))) {
                        Write-Host "Connection to " $url ".............. Failed (needed for North America tenants only)." -ForegroundColor Red 
                    }
                    else {
                        Write-Host "Connection to " $url ".............. Failed." -ForegroundColor Red 
                    }
                }
            }
        }
        else 
        {
            #Write-Host "Skipping Category: ..." $endpoint.category -ForegroundColor Yellow
        }
    }

    # If test failed
    if ($TestFailed) 
    {
        Write-Host "Test failed. Please check the following URLs:" -ForegroundColor Red
        foreach ($failedEndpoint in $failedEndpointList.Keys) {
            Write-Host $failedEndpoint -ForegroundColor Red
            foreach ($failedUrl in $failedEndpointList[$failedEndpoint]) {
                Write-Host $failedUrl -ForegroundColor Red
            }
        }
    }
    Write-Host "Test-DeviceIntuneConnectivity completed successfully." -ForegroundColor Green -BackgroundColor Black
}


### Main ###

# Main function call
Test-DeviceIntuneConnectivity

# Get the current network config of the system and display
$NetworkConfiguration = @()
Get-NetIPConfiguration | ForEach-Object {
    $NetworkConfiguration += New-Object PSObject -Property @{
        InterfaceAlias = $_.InterfaceAlias
        ProfileName = if($null -ne $_.NetProfile.Name){$_.NetProfile.Name}else{""}
        IPv4Address = if($null -ne $_.IPv4Address){$_.IPv4Address}else{""}
        IPv6Address = if($null -ne $_.IPv6Address){$_.IPv6Address}else{""}
        IPv4DefaultGateway = if($null -ne $_.IPv4DefaultGateway){$_.IPv4DefaultGateway.NextHop}else{""}
        IPv6DefaultGateway = if($null -ne $_.IPv6DefaultGateway){$_.IPv6DefaultGateway.NextHop}else{""}
        DNSServer = if($null -ne $_.DNSServer){$_.DNSServer.ServerAddresses}else{""}
    }
}

$NetworkConfiguration | Format-Table -AutoSize

Test-IntuneConnectivity.ps1 script is created based on the Microsoft 365 IP Address and URL web service (https://aka.ms/ipurlws) in which, a REST API call is made to the Worldwide instance to obtain the latest endpoint URLs for Service Area “MEM” and “M365 Common” (for the dependencies) and then proceeds to check connectivity to each of those endpoint URLs from the client.

PS C:\Users\a758430\Downloads> .\Test-IntuneConnectivity.ps1
Checking winHTTP proxy settings...
Access Type : DIRECT
Starting Connectivity Check...
Checking Category: ... M365 Common
Connection to  account.activedirectory.windowsazure.com .............. Succeeded.
Connection to  accounts.accesscontrol.windows.net .............. Succeeded.
Connection to  adminwebservice.microsoftonline.com .............. Succeeded.
Connection to  api.passwordreset.microsoftonline.com .............. Succeeded.
Connection to  auth.microsoft.com .............. Succeeded.
Connection to  autologon.microsoftazuread-sso.com .............. Succeeded.
Connection to  becws.microsoftonline.com .............. Succeeded.
Connection to  ccs.login.microsoftonline.com .............. Succeeded.
Connection to  clientconfig.microsoftonline-p.net .............. Succeeded.
Connection to  companymanager.microsoftonline.com .............. Succeeded.
Connection to  device.login.microsoftonline.com .............. Succeeded.
Connection to  graph.microsoft.com .............. Succeeded.
Connection to  graph.windows.net .............. Succeeded.
Connection to  login-us.microsoftonline.com .............. Succeeded.
Connection to  login.microsoft.com .............. Succeeded.
Connection to  login.microsoftonline-p.com .............. Succeeded.
Connection to  login.microsoftonline.com .............. Succeeded.
Connection to  login.windows.net .............. Succeeded.
Connection to  logincert.microsoftonline.com .............. Succeeded.
Connection to  loginex.microsoftonline.com .............. Succeeded.
Connection to  msftidentity.com .............. Succeeded.
Connection to  msidentity.com .............. Succeeded.
Connection to  nexus.microsoftonline-p.com .............. Succeeded.
Connection to  passwordreset.microsoftonline.com .............. Succeeded.
Connection to  provisioningapi.microsoftonline.com .............. Succeeded.
Checking Category: ... M365 Common
Connection to  enterpriseregistration.windows.net .............. Succeeded.
Connection to  hip.live.com .............. Succeeded.
Connection to  microsoftonline-p.com .............. Succeeded.
Connection to  microsoftonline.com .............. Succeeded.
Connection to  msauth.net .............. Succeeded.
Connection to  msauthimages.net .............. Succeeded.
Connection to  msecnd.net .............. Succeeded.
Connection to  msftauth.net .............. Succeeded.
Connection to  msftauthimages.net .............. Succeeded.
Connection to  phonefactor.net .............. Succeeded.
Connection to  policykeyservice.dc.ad.msft.net .............. Succeeded.
Checking Category: ... M365 Common
Connection to  microsoft.com .............. Succeeded.
Connection to  msocdn.com .............. Succeeded.
Connection to  onmicrosoft.com .............. Succeeded.
Checking Category: ... M365 Common
Connection to  activation.sls.microsoft.com .............. Succeeded.
Checking Category: ... M365 Common
Connection to  crl.microsoft.com .............. Succeeded.
Checking Category: ... M365 Common
Connection to  apps.identrust.com .............. Succeeded.
Connection to  cacerts.digicert.com .............. Succeeded.
Connection to  cert.int-x3.letsencrypt.org .............. Succeeded.
Connection to  crl.globalsign.com .............. Succeeded.
Connection to  crl.globalsign.net .............. Succeeded.
Connection to  crl.identrust.com .............. Succeeded.
Connection to  crl3.digicert.com .............. Succeeded.
Connection to  crl4.digicert.com .............. Succeeded.
Connection to  entrust.net .............. Succeeded.
Connection to  geotrust.com .............. Succeeded.
Connection to  isrg.trustid.ocsp.identrust.com .............. Succeeded.
Connection to  mscrl.microsoft.com .............. Succeeded.
Connection to  ocsp.digicert.com .............. Succeeded.
Connection to  ocsp.globalsign.com .............. Succeeded.
Connection to  ocsp.msocsp.com .............. Succeeded.
Connection to  ocsp2.globalsign.com .............. Succeeded.
Connection to  ocspx.digicert.com .............. Succeeded.
Connection to  omniroot.com .............. Succeeded.
Connection to  public-trust.com .............. Succeeded.
Connection to  secure.globalsign.com .............. Succeeded.
Connection to  symcb.com .............. Succeeded.
Connection to  symcd.com .............. Succeeded.
Connection to  verisign.com .............. Succeeded.
Connection to  verisign.net .............. Succeeded.
Connection to  www.digicert.com .............. Succeeded.
Connection to  www.microsoft.com .............. Succeeded.
Checking Category: ... M365 Common
Connection to  activity.windows.com .............. Succeeded.
Checking Category: ... Global
Connection to  manage.microsoft.com .............. Succeeded.
Checking Category: ... Delivery Optimization
Connection to  delivery.mp.microsoft.com .............. Succeeded.
Connection to  emdl.ws.microsoft.com .............. Succeeded.
Connection to  prod.do.dsp.mp.microsoft.com .............. Succeeded.
Connection to  tsfe.trafficshaping.dsp.mp.microsoft.com .............. Succeeded.
Connection to  update.microsoft.com .............. Succeeded.
Connection to  windowsupdate.com .............. Succeeded.
Checking Category: ... NTP Sync
Connection to  time.windows.com .............. Succeeded.
Connection to  www.msftconnecttest.com .............. Succeeded.
Connection to  www.msftncsi.com .............. Succeeded.
Checking Category: ... Windows Notifications & Store
Connection to  clientconfig.passport.net .............. Succeeded.
Connection to  s-microsoft.com .............. Succeeded.
Connection to  windowsphone.com .............. Succeeded.
Connection to  www.msftncsi.com .............. Succeeded.
Checking Category: ... Scripts & Win32 Apps
Connection to  approdimedatahotfix.azureedge.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  approdimedatapri.azureedge.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  approdimedatasec.azureedge.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  euprodimedatahotfix.azureedge.net .............. Succeeded (needed for Europe tenants only).
Connection to  euprodimedatapri.azureedge.net .............. Succeeded (needed for Europe tenants only).
Connection to  euprodimedatasec.azureedge.net .............. Succeeded (needed for Europe tenants only).
Connection to  naprodimedatahotfix.azureedge.net .............. Succeeded (needed for North America tenants only).
Connection to  naprodimedatapri.azureedge.net .............. Succeeded (needed for North America tenants only).
Connection to  naprodimedatasec.azureedge.net .............. Succeeded (needed for North America tenants only).
Connection to  swda01-mscdn.azureedge.net .............. Succeeded.
Connection to  swda02-mscdn.azureedge.net .............. Succeeded.
Connection to  swdb01-mscdn.azureedge.net .............. Succeeded.
Connection to  swdb02-mscdn.azureedge.net .............. Succeeded.
Connection to  swdc01-mscdn.azureedge.net .............. Succeeded.
Connection to  swdc02-mscdn.azureedge.net .............. Succeeded.
Connection to  swdd01-mscdn.azureedge.net .............. Succeeded.
Connection to  swdd02-mscdn.azureedge.net .............. Succeeded.
Connection to  swdin01-mscdn.azureedge.net .............. Succeeded.
Connection to  swdin02-mscdn.azureedge.net .............. Succeeded.
Checking Category: ... Push Notifications
Connection to  notify.windows.com .............. Succeeded.
Connection to  wns.windows.com .............. Succeeded.
Checking Category: ... Delivery Optimization
Connection to  dl.delivery.mp.microsoft.com .............. Succeeded.
Connection to  do.dsp.mp.microsoft.com .............. Succeeded.
Connection to  emdl.ws.microsoft.com .............. Succeeded.
Checking Category: ... Autopilot Self-deploy
Connection to  ekcert.spserv.microsoft.com .............. Succeeded.
Connection to  ekop.intel.com .............. Succeeded.
Connection to  ftpm.amd.com .............. Succeeded.
Checking Category: ... Collect Diagnostics
Connection to  lgmsapeweu.blob.core.windows.net .............. Succeeded.
Checking Category: ... Microsoft Azure attestation - Windows 11 only
Connection to  intunemaape1.eus.attest.azure.net .............. Succeeded (needed for North America tenants only).
Connection to  intunemaape10.weu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Connection to  intunemaape11.weu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Connection to  intunemaape12.weu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Connection to  intunemaape13.jpe.attest.azure.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  intunemaape17.jpe.attest.azure.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  intunemaape18.jpe.attest.azure.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  intunemaape19.jpe.attest.azure.net .............. Succeeded (needed for Asia & Pacific tenants only).
Connection to  intunemaape2.eus2.attest.azure.net .............. Succeeded (needed for North America tenants only).
Connection to  intunemaape3.cus.attest.azure.net .............. Succeeded (needed for North America tenants only).
Connection to  intunemaape4.wus.attest.azure.net .............. Succeeded (needed for North America tenants only).
Connection to  intunemaape5.scus.attest.azure.net .............. Succeeded (needed for North America tenants only).
Connection to  intunemaape7.neu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Connection to  intunemaape8.neu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Connection to  intunemaape9.neu.attest.azure.net .............. Succeeded (needed for Europe tenants only).
Test-DeviceIntuneConnectivity completed successfully.

IPv6DefaultGateway ProfileName DNSServer                                                     IPv6Address IPv4Address    IPv4DefaultGateway InterfaceAlias
------------------ ----------- ---------                                                     ----------- -----------    ------------------ --------------
                   Joy_5Ghz    {103.85.98.221, 103.250.84.187}                                           192.168.0.107  192.168.0.1        Wi-Fi
                               {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}                    169.254.41.79                     Ethernet 4
                               {fec0:0:0:ffff::1, fec0:0:0:ffff::2, fec0:0:0:ffff::3}                    169.254.245.69                    Bluetooth Network Connection
                               {10.119.132.20, 10.119.132.21, 10.119.132.22, 10.119.132.23…}             169.254.80.147                    Ethernet

Thats the sample output that you can see.

That was all for today.

1 Comment

1 Trackback / Pingback

  1. Intune Newsletter - 19th April 2024 - Andrew Taylor

Comments are closed.