You can collect Intune diagnostic logs from a macOS device and either save a report on the device locally or you can also send it directly to Microsoft. The diagnostic logs are helpful for troubleshooting issues related to device enrollment / device check-in / script deployment while using Intune or to check any issues with Company Portal app.
I have written a blog post about How to force Intune Sync manually from macOS which also helps while troubleshooting Intune deployment issues. You can force MDM check-in and Intune agent check-in from a macOS device if required.
In this blog post, we will see how to collect Intune related diagnostic logs from macOS. It could be for script deployment / application deployment / device configuration related Issues, you can gather information from log files and find out the root cause.
We will generate / check CompanyPortal.log, IntuneMDMDaemon*.log and IntuneMDMAgent*.log files for troubleshooting macOS Intune deployment issues. In the next sections, you will find out how to locate these files and what information is stored in these logs.
1. Collect logs from Company Portal App on macOS
CompanyPortal.log file contains below Information about the device, Enrollment information and registered user Information. Along with that it provides details about the the error message.
Device Information
- Device Build version
- Device Model
- Device Operating System Version
- Device Azure AD ID
- Device Compliant State
- Device Last Contact Time
Enrollment related Information
- MDM Enrollment State of the device.
Registered User Information
- User Account ID
- Tenant ID
- User ID
1.1 Save Company portal diagnostic report locally
If you have any issues with Company Portal app on a macOS device, you can check CompanyPortal.log file. To capture the data related to an issue, you need to first reproduce the issue and then click on Save diagnostic report immediately afterwards.
This way you can make sure that the logs will contain the data related to the issue. You can then share the diagnostic report with IT administrator to analyse it and find the root cause. Let’s check the steps to save the diagnostic report.
- Launch Company Portal App on your device.
- Click on Help and then click on Save diagnostic report.
- You can change the name and location of the log file if you want. As per below screenshot, the name of the file will be Company Portal.zip and it will be saved in Downloads folder.
- Extract the contents of Company Portal.zip file by right-clicking on the file > Open With > Archive Utility.
- CompanyPortal.log file will be extracted in the same folder. Double-click on the file to open and search for the errors.
- You can search for keywords in the file to jump directly to the error message. For Example: Search for “Error”, “Failed” etc. in the file to see if there are any errors logged.
1.2 Send Company Portal App diagnostic logs to Microsoft
You can first reproduce the issue and Immediately afterwards, click on Send diagnostic report option to share diagnostic report with Microsoft.
- Launch Company Portal App on your device.
- Go to Help > Send diagnostic report.
- As you can see from below screenshot, An incident ID is generated. You can also click on Email Logs button to send an email to a Microsoft support engineer.
2. Collect Intune MDM Agent logs from a macOS device
If you are facing macOS deployment issues or any issues with Intune sync / device check-in. Then you can check the Intune management logs which are stored at /Library/Logs/Microsoft/Intune (System logs) ~/Library/Logs/Microsoft/Intune (User Logs) location. The name of the log files are IntuneMDMDaemon date–time.log and IntuneMDMAgent date–time.log.
2.1 Location of IntuneMDMDaemon date–time.log file
- Go to Finder App > Go > Go to Folder...
- Search for
/Library/Logs/Microsoft/Intunepath and double click on searched location to open.
- Find the most recent IntuneMDMDaemon log file using Date Modified column and double-click on it to open the file.
- You can manually initiate Intune sync and check the real time logs while keeping this file opened. Also, you can monitor the shell script deployment status from this file.
2.2 Location of IntuneMDMAgent date–time.log file
To find the location of IntuneMDMAgent*.log file, follow below steps:
- Go to Finder App > Go > Go to Folder...
- Search for ~/Library/Logs/Microsoft/Intune path and double click on searched location to open.
3. Collect macOS device logs from Intune admin center
You can use Intune script agent to collect logs from a macOS device remotely via Intune admin center. Let’s check the steps:
- Login on Microsoft Intune admin center.
- Click on Devices > macOS >Shell scripts.
- Click on any Script deployment name.
- Go to either Device status or User status under Monitor.
- Click on the Device Name or User name > A Pane will open on the right hand side.
- Click on Collect logs.
- To collect the logs, you need to enter absolute log file path. If you want to collect multiple log files, separate different log file paths using semicolon (;). You can collect only .log, .zip, .gz, .tar, .txt, .xml, .crash, .rtf type of log files using Collect logs option. Please make sure that the size of all the log files which you want to collect remotely should not be more than 60 MB or 25 files in total, whichever occurs first.
For Example: I want to collect IntuneMDMAgent*.log, IntuneMDMDaemon*.log and CompanyPortal.log files remotely from a macOS device. Therefore, I will add /users/jatin/downloads/CompanyPortal.log path for log collection. This will collect CompanyPortal.log file along with that Intune Agent log files.
Please note even if you specify only one log file for log collection, For example CompanyPortal.log, it will automatically include the most recent IntuneMDMAgent*.log, IntuneMDMDaemon*.log log files.
To add multiple paths for log collection, you can separate file paths with semicolon.
For Example: <LogfilePath1>;<LogfilePath2>;<LogfilePath3>…. and so on.
Other Examples:
/Library/Logs/Microsoft/Intune/*.log– This will fetch IntuneMDMAgent*.log, IntuneMDMDaemon*.log files from macOS device.
Download macOS device logs from Intune admin center
Now that we have Initiated log collection request. This should take less than 8 hours to for log collection request to be completed. Once the log collection completes successfully, you will be able to download requested logs from Intune admin center.
If you have access to the macOS device or if you are on a call with end user who has access to that macOS device. You can request the user to force Initiate device check-in with intune. This will trigger the log collection immediately and within few minutes you will be able to Download logs from Intune admin center without waiting for couple of hours.
To download the logs from Intune admin center, please follow below steps:
- Login on Microsoft Intune admin center.
- Click on Devices > macOS >Shell scripts.
- Click on any Script deployment name.
- Go to either Device status or User status under Monitor.
- Click on the Device Name or User name > A Pane will open on the right hand side.
- Click on Download logs.
After you click on Download logs, it will pop-up a window to save log file which is in a zip file format. The name of the zip file is ScriptTroubleshootingLogs_<date>.zip. Extract this zip file and check the log files.
Conclusion
In this blog post, we have seen different ways to collect Intune troubleshooting logs from a managed macOS device. Having the capability of remotely collect logs from macOS device is really powerful as IT administrator do not have to call the end user and take remote control of the device. IT administrator can start troubleshooting remotely by checking the log files and find out the root cause.