In one of my last posts we took a closer look at how the Intune Management extension works and even looked behind the scenes directly into the code. In this post I have already mentioned the ClientHealthEval.exe and I would like to take a closer look into this.
What is the ClientHealthEval.exe
This is a small tool designed to monitor and restore the health of the Intune Management Extension. In addition to the ClientHealthEval.exe there is also the HealthCheck.xml which is a config file for the ClientHealthEval and shows very nicely which functions are in. I would like to go more into the detail now.
What are the different features of the ClientHealthEval.exe
Verify Intune Management Extension service exists
As the name suggests, this checks whether the Intune management service exists. This is unfortunately only a check but not a remediation. If the service does not exist, only an entry is written to a logfile.
Verify/Remediate Intune Management Extension Service startup type.
The health check is whether the service IntuneManagementExtension has as StartupType Automatic. If this is not the case, this is noted in the log and the state is set to Automatic as remediation.
Verify/Remediate Intune Management Extension service status
Verify/Remediate Intune Management Extension service status checks if the service is running or stopped. If the service does not have the Active status, it will be started via Remediation. If the status is Stopped pending the process is killed so that it can be restarted.
Verify/Remediate Intune Management Extension memory usage
The last check verifies if the memory of the Microsoft.Management.Services.IntuneWindowsAgent service is more than 200 mb. If this is the case, the service is restarted and hopefully recovers afterwards.
Where can I find the log file
The logfile can be found in the following location: C:\ProgramData\Microsoft\IntuneManagementExtension\Logs
How often does the health check run,
The Ime has created a schedule task in the task scheduler that runs once a day in the system context and triggers the Health.exe.
In my opinion, the checks that are made are very basic. It would be good if it also checks if the connection to the Intune service is working or if there was a crash event since the last run. In the log you can see that the process sends the HealthReport to the backend. But it would be great to have a report here where you can monitor the state of the IME and troubleshoot problems that occur often. I hope I could give you with this blog an insight into the ClientHealthEval.exe.