This browser is no longer supported.
Upgrade to Microsoft Edge to take advantage of the latest features, security updates, and technical support.
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(304, 88%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ESC%3C/text%3E%3C/svg%3E)
My machine certificates issued from internal CA via NDES/SCEP profile in Intune do not always renew Recently had a bunch of users that needed manual sync forced on their AAD joined/Intune managed machines with cable connection to obtain the new certificate The machines were previously ON, so would expect that they should auto renewed within the 6 weeks period as specified in the template used
Any ideas?
Thanks
Seb
Other Intune-related topics, including unsupported scenarios and platform-specific behaviors
Correct, auto renew did not happen on some devices for a reason that I could not figure
I can use uncle G probably as well as you, so already been through this link
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ECM%3C/text%3E%3C/svg%3E)
@Sebastian Cerazy, Thanks for the reply. From your description, I know we have already read the link. But the issue is still not resolved. Here, I suggest to open case to do detailed log analysis to troubleshoot. Here is a link with the steps to open case:
@SebastianCerazy-1155, Thanks for posting in Q&A. From your description, it seems the SCEP certificate renew is not working on some devices. To troubleshoot this, you can refer to the following link to see if there's any finding.
Note: Non-Microsoft link, just for the reference.
Hope it can help.
If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.
So I have a link to explanation how the process work, but there is no chance to know why it fails sometimes (as described in OP)