Force Intune sync using CMD command line with EnterpriseMgmt scheduled task troubleshooting

How to Force an Intune Sync Using CMD (and What to Do If It Fails)

Managing Windows devices with Microsoft Intune often requires forcing a manual device sync—especially when policies are not applying as expected. While most admins use the Intune portal or Windows Settings, you can also initiate an Intune sync using Command Prompt (CMD).

This guide explains:

  • How to force an Intune sync using CMD
  • Why the sync command may fail
  • How to fix missing Intune sync tasks
  • How to confirm the device is correctly enrolled

What Is an Intune Device Sync?

An Intune sync forces a Windows device to immediately:

  • Check in with Microsoft Intune
  • Download new policies
  • Apply configuration profiles
  • Report compliance status

By default, devices sync every 8 hours, but manual sync is often required during troubleshooting or onboarding.

How to Force Intune Sync Using CMD

Intune uses a scheduled task created during MDM enrollment. Triggering this task forces a sync.

Step 1: Open CMD as Administrator

Right-click Command PromptRun as administrator

Step 2: Locate the Intune Enrollment GUID

Run:

powershell 
schtasks /query /tn "\Microsoft\Windows\EnterpriseMgmt\" /fo LIST /v

You should see a path like:

\Microsoft\Windows\EnterpriseMgmt\6F3A8D3A-XXXX-XXXX-XXXX-XXXXXXXXXXXX\

This GUID represents the Intune enrollment ID.

Step 3: Trigger the Intune Sync

Replace <EnrollmentGUID> with the actual GUID:

powershell 
schtasks /run /tn "\Microsoft\Windows\EnterpriseMgmt\<EnrollmentGUID>\Schedule #3 created by enrollment client"

This is the same action as clicking Sync in:

Settings → Accounts → Access work or school → Info

Common Error: EnterpriseMgmt Task Not Found

Error Example

Get-ScheduledTask : No MSFT_ScheduledTask objects found with property 'TaskPath'

What This Means

🚨 The device is not enrolled in Intune, or the enrollment is broken.

If the device were properly enrolled, the EnterpriseMgmt folder would exist.

How to Check If a Device Is Intune-Enrolled

Check Azure AD & MDM Status

Run:

dsregcmd /status

Look for:

AzureAdJoined : YES
MDMUrl        : https://enrollment.manage.microsoft.com

❌ If MDMUrl is missing, Intune enrollment is not active.

Check Enrollment Registry Keys

reg query HKLM\SOFTWARE\Microsoft\Enrollments
  • No keys → Device is not enrolled
  • Keys exist but no tasks → Broken enrollment

How to Fix Missing Intune Sync Tasks

Option 1: Re-Enroll the Device (Recommended)

  1. Settings → Accounts → Access work or school
  2. Disconnect the work account
  3. Reboot
  4. Reconnect the work account
  5. Confirm Intune enrollment

Option 2: Force Auto-Enrollment via CMD

Run as administrator:

deviceenroller.exe /c /AutoEnrollMDM

Reboot the device and re-check the scheduled tasks.

How to Confirm Intune Sync Is Working

Event Viewer Logs

Navigate to:

Applications and Services Logs
→ Microsoft
→ Windows
→ DeviceManagement-Enterprise-Diagnostics-Provider

Look for:

  • Event ID 208 – Sync started
  • Event ID 209 – Sync completed

Key Takeaways

  • Intune sync via CMD relies on EnterpriseMgmt scheduled tasks
  • If the task doesn’t exist, the device is not enrolled
  • Re-enrollment fixes most sync issues
  • Always confirm Azure AD join and MDM URL

Related Posts