Intune – Disable “FastBoot” via Proactive Remediation

What is Intune Proactive Remediation?

Intune Proactive Remediations is a feature of Microsoft Intune that allows you to automatically fix security issues and configuration errors on managed devices. It can be used to help ensure that devices are compliant with your organization’s security policies and are configured correctly.

To use Intune Proactive Remediations, you’ll need to set up a compliance policy in the Intune portal. This policy will define the rules and requirements for device compliance, such as required software and configuration settings. You’ll also need to specify the remediation actions to take if a device is found to be non-compliant.

Once you’ve set up a compliance policy, you can apply it to your managed devices by assigning it to a device group. When a device checks in with Intune, it will be evaluated against the compliance policy and any non-compliant issues will be flagged. If you have configured remediation actions, Intune will automatically take those actions to try to fix the issues and bring the device back into compliance.

You can monitor the compliance status of your devices in the Intune portal, and view details about any non-compliant issues and the remediation actions that have been taken. You can also use the Intune reporting tools to track compliance over time and identify trends or areas for improvement.

Intune Proactive Remediations can be a useful tool for helping you ensure that your devices are compliant with your organization’s security policies and are configured correctly. It can help you automatically fix issues and improve the overall security and compliance of your managed devices.

Requirements

There are several requirements that must be met in order to use Intune Proactive Remediations:

  1. A Microsoft Intune subscription: In order to use Intune Proactive Remediations, you’ll need to have a valid Intune subscription. If you don’t have an Intune subscription, you can sign up for a trial or purchase a subscription through the Microsoft Azure portal.
  2. Managed devices: Intune Proactive Remediations can only be used on devices that are enrolled in Intune and are being managed by the service. You’ll need to enroll your devices in Intune and ensure that they are connected and able to communicate with the service in order to use Proactive Remediations.
  3. Compliance policies: In order to use Proactive Remediations, you’ll need to set up a compliance policy in the Intune portal. This policy will define the rules and requirements for device compliance, as well as the remediation actions to take if a device is found to be non-compliant.
  4. Remediation actions: Proactive Remediations require that you specify the actions to take if a device is found to be non-compliant. These actions can include running a script, installing software, or configuring device settings. You’ll need to specify the remediation actions that you want to take in your compliance policy.
  5. Device groups: In order to apply a compliance policy to your managed devices, you’ll need to create a device group and assign the policy to the group. When a device checks in with Intune, it will be evaluated against the compliance policy and any non-compliant issues will be flagged. If you have configured remediation actions, Intune will automatically take those actions to try to fix the issues and bring the device back into compliance.

Overall, in order to use Intune Proactive Remediations, you’ll need a valid Intune subscription, managed devices, compliance policies with specified remediation actions, and device groups to which you can assign the policies.

What is FastBoot and How to disable it manually

Windows Fast Boot is a feature in Microsoft Windows that allows the operating system to boot faster by reducing the amount of time it takes to load the kernel and start up the system. When Fast Boot is enabled, the system will store a copy of the kernel and a small portion of the system files in a special memory area called the hibernation file, which can be accessed quickly when the system is restarted. This allows the system to bypass the normal boot process and start up more quickly.

Fast Boot is available on Windows 8 and later versions of the operating system, and can be enabled or disabled in the Power Options settings. To enable Fast Boot on a Windows device, follow these steps:

  1. Open the Start menu and type “power options” into the search bar.
  2. Click on the “Power Options” result to open the Power Options settings.
  3. Click on the “Choose what the power buttons do” link on the left side of the window.
  4. Click on the “Change settings that are currently unavailable” link at the top of the window.
  5. Scroll down to the “Shutdown settings” section and check the box next to “Turn on fast startup (recommended)”.
  6. Click on the “Save changes” button to enable Fast Boot.

Fast Boot can be a useful feature if you need to start up your system quickly, but it does have some drawbacks. For example, it can cause the system to boot more slowly if there are updates or other changes that need to be applied during the boot process. Additionally, Fast Boot can cause some systems to experience issues with booting or waking from sleep, so it’s a good idea to test it out and see if it works well on your system before enabling it permanently.

How to Disable “FastBoot” via Proactive Remediation

Here are the detection and remediation scripts.

Detection Script

$Path = "HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Power"
$Name = "HiberbootEnabled"
$Type = "DWORD"
$Value = 0

Try {
    $Registry = Get-ItemProperty -Path $Path -Name $Name -ErrorAction Stop | Select-Object -ExpandProperty $Name
    If ($Registry -eq $Value){
        Write-Output "Compliant"
        Exit 0
    } 
    Write-Warning "Not Compliant"
    Exit 1
} 
Catch {
    Write-Warning "Not Compliant"
    Exit 1
}

Remediation Script

New-ItemProperty -LiteralPath 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Power' -Name 'HiberbootEnabled' -Value 0 -PropertyType DWord -Force -ea SilentlyContinue;
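
A variant of the remediation script with error handling, added here as an example and not part of the original post: the one-liner above suppresses errors with -ea SilentlyContinue and never checks the result, and the detection script declares $Type without using it. This version reads the value back, confirms it is a DWORD equal to 0, and exits non-zero on failure; the helper name Test-FastStartupDisabled is hypothetical, and the script assumes the caller treats a non-zero exit code as a failed remediation.

```powershell
# Added example (not from the original post): remediation with read-back
# verification and explicit exit codes. The key, value name and data are
# the ones used by the scripts on this page.
$Path  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Session Manager\Power'
$Name  = 'HiberbootEnabled'
$Value = 0

function Test-FastStartupDisabled {
    # Hypothetical helper: returns $true only if the value exists,
    # is stored as a DWORD, and equals $Value.
    $key = Get-Item -LiteralPath $Path -ErrorAction Stop
    if ($key.GetValueNames() -notcontains $Name) { return $false }
    if ($key.GetValueKind($Name) -ne [Microsoft.Win32.RegistryValueKind]::DWord) {
        return $false
    }
    return ($key.GetValue($Name) -eq $Value)
}

try {
    # Nothing to do if the device is already in the desired state.
    if (Test-FastStartupDisabled) {
        Write-Output "Already set: $Name = $Value"
        exit 0
    }

    # -ErrorAction Stop turns a failed write (for example, access denied)
    # into a terminating error that the catch block reports.
    New-ItemProperty -LiteralPath $Path -Name $Name -Value $Value `
        -PropertyType DWord -Force -ErrorAction Stop | Out-Null

    # Read the value back instead of trusting the write.
    if (-not (Test-FastStartupDisabled)) {
        throw "Read-back check failed for $Name under $Path"
    }

    Write-Output "Remediated: $Name set to $Value (DWORD)"
    exit 0
}
catch {
    # Report the reason on standard output and signal failure to the caller.
    Write-Output "Remediation failed: $($_.Exception.Message)"
    exit 1
}
```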

Conclusion

Disabling Fast Boot can be a good idea in some cases, but it may not be necessary or beneficial for all systems. Here are some potential reasons why you might want to disable Fast Boot:

  1. Troubleshooting boot issues: If you are experiencing issues with your system not booting correctly, or if you are trying to boot from a USB drive or other external media, disabling Fast Boot can help. Fast Boot can interfere with the normal boot process and cause problems, so disabling it can sometimes help resolve these issues.
  2. Updating the system: If you need to apply updates or make other changes to your system that require a full reboot, disabling Fast Boot can ensure that the updates are applied correctly and that the system boots normally.
  3. Improving boot time: If you don’t need to start up your system quickly and don’t mind a longer boot time, you may want to disable Fast Boot. This can help ensure that the system boots normally and applies any updates or changes that are needed during the boot process.

Overall, whether or not to disable Fast Boot will depend on your specific needs and circumstances. If you are experiencing boot issues or need to apply updates to your system, disabling Fast Boot may be a good idea. If you don’t need a fast boot time and don’t have any other issues, there may be no need to disable Fast Boot.

Nico Wyss

Writer & Blogger

© 2023 Copyright