Secure Boot Certificate Status Unknown
Posted by Extension-Chemist-25@reddit | sysadmin | View on Reddit | 5 comments
Hey everyone.
I'm trying to verify that all of the UEFI certs have been updated throughout our company, but when looking at the Secure Boot Certificate Status report in Intune, every single machine is coming back with an "Unknown" status.
When I look in the registry of my own laptop for UEFICA2023Status it comes back as "Updated", so that's a good sign. But I want Intune to verify that it's every machine on my network.
Has anyone else experienced this?
Additionally, I did go in and enable Windows Data and Windows License Verification under Connectors and Tokens - I read that was necessary to generate the cert report.
Thank you in advance!
CantPullOutRightNow@reddit
If you’d like to force telemetry, you can read about it here:
https://support.microsoft.com/en-au/topic/monitoring-secure-boot-certificate-status-with-microsoft-intune-remediations-6696a27b-fa09-4570-b112-124965adc87f
Cuppie_@reddit
Check in intune under tenant administration -> Windows data if Windows data is turned on.
Extension-Chemist-25@reddit (OP)
Thank you. Yeah, that's what I was referring to at the end of my post regarding Windows Data and Windows License Verification - I enabled both yesterday, and still the report today is "Unknown" for all computers.
FartInTheLocker@reddit
I've gone through the exact same process as you, it's taken some devices an age to start reporting, I think it's just one of them where they will get the data in eventually.
Enabled for me on Monday, and I've only got 22/260 machines with secure boot data reporting currently.
Extension-Chemist-25@reddit (OP)
Wow, OK. I knew Microsoft was slow, but this is REALLY slow, even for them. Thank you for the info - I'll just check back on Friday then and see how the report looks. 😛