Worker
The IntuneAssistant Worker brings automation and continuous monitoring directly into your own Intune environment — so your Intune management never sleeps.
Enterprise Feature — Enterprise Feature — This extension is available exclusively on the Enterprise license. Once activated, it becomes available in your frontend.
What is the Worker?
Imagine having a dedicated assistant watching over your Microsoft Intune environment around the clock — checking for problems, generating reports, and sending you updates — all without you having to lift a finger.
That's exactly what the IntuneAssistant Worker is.
It's a lightweight service that you deploy once, directly into your own Azure subscription. From that moment on, it runs in the background, executing the tasks you configure, on the schedule you choose, and reporting back to you automatically.
No manual checks. No logging in every morning to see if something changed. No surprises.
Why You Need It
Managing Intune manually is time-consuming. Policies drift. Configurations change. Audits are overdue. And by the time you notice, the damage is already done.
The Worker eliminates that reactive cycle. Instead of you going to look for problems, the Worker finds them and comes to you.
Real-world example: You set up a Configuration Drift Monitor on Monday. On Thursday, someone changes a security policy. On Friday morning, you receive a detailed email report listing exactly what changed, and what the original baseline was. You didn't have to do anything, just create a job.
What Can the Worker Do?
The Worker executes jobs as a managed identity with the permissions you configure. You define the job, set the schedule, and the Worker takes care of the rest.
Intune & Entra Audit Reports
Automatically generate detailed audit reports for your Microsoft Intune and Entra ID environment and have them delivered directly to your inbox.
Schedule reports daily, weekly, or monthly
Receive them as formatted HTML reports via email
Always have an up-to-date audit trail without manual exports
Perfect for compliance reviews and management reporting
Configuration Drift Monitoring
This is the Worker's most powerful feature. It continuously monitors your Intune configuration policies against a saved baseline and immediately alerts you when something changes.
Detects unauthorized or accidental policy changes
Shows exactly which settings drifted and what the original value was
Sends a rich HTML report directly to the recipients you configure
Can be configured to only alert when drifts are found — no noise, only signal
Gives you a full history of active and resolved drifts
No more end-of-quarter surprises. Know the moment your environment changes.
On the Roadmap
The Worker is built to grow. Upcoming job types include:
Compliance Reports — Scheduled device compliance summaries
Script analysis — Checks scripts content and finds unwanted code
Security Reports — Automated security posture snapshots
Automated Remediation — Let the Worker fix common issues automatically
New job types are added with every release and automatically available to your Worker through the auto-update feature.
Your Data Stays Yours
This is important and sets the Worker apart from cloud-only solutions.
The Worker runs inside your own Azure subscription. It uses your own managed identity to connect to Microsoft Graph. Your Intune data is fetched, processed, and reported on — all within the boundaries of your own environment in that worker.
IntuneAssistant never sees your raw Intune data. The Worker operates autonomously in your tenant using your own Azure permissions.
This makes the Worker an excellent fit for organizations with strict data residency requirements or internal security policies around third-party data access.
Deploy in Minutes from Azure Marketplace
Getting started is designed to be as frictionless as possible.
Deploy from the Azure Marketplace — Select your Azure subscription, resource group, and pricing tier. That's it.
The Worker registers itself — On first start, it automatically contacts IntuneAssistant and registers for your account.
Activate with your license key — Enter your Enterprise license key in the Worker dashboard to activate it.
Configure your first job — Set up a scheduled job from the IntuneAssistant portal and the Worker picks it up automatically.
From zero to automated monitoring in under 10 minutes.
Important after deployment: To ensure only users from your organization can access the Worker dashboard, enable Microsoft authentication in Azure Portal → App Services → your Worker → Authentication. This takes 30 seconds and is strongly recommended.
Always Up to Date
The Worker keeps itself current. When a new version is released, it updates automatically during its next maintenance window — no manual intervention required. You can also control the update behaviour:
Enable or disable auto-update from the Worker dashboard
Choose between update rings for controlled rollouts
View the currently installed version at any time
The Worker Dashboard
Every Worker comes with a built-in web dashboard, accessible at your Worker's Azure URL. From there you can:
Registration status
Whether your Worker is activated and ready
Last heartbeat
When the Worker last checked in (should be minutes ago)
Scheduled jobs
All configured jobs and their next scheduled run time
Sender email
The email address used to send job reports
Worker version
Currently installed version
Frequently Asked Questions
Do I need to keep the Worker running at all times?
Yes — the Worker is a continuously running service hosted on Azure App Service. It polls for jobs every few minutes and sends heartbeats to confirm it's alive. As long as your App Service is running, the Worker is working.
What happens if the Worker goes offline?
Scheduled jobs that were due while the Worker was offline will be picked up and executed shortly after it comes back online. The Worker is resilient to short outages.
Can I have multiple Workers?
Each activated Worker is tied to one license. If you manage multiple tenants or need Workers in separate Azure regions, you can deploy and license additional Workers from your IntuneAssistant account.
How do I know a job actually ran?
Every job sends you an email report upon completion. You can also view the last run time and next scheduled run for every job directly in the Worker dashboard.
What Azure resources does the Worker use?
The Worker deploys an App Service with an App Service Plan into your Azure subscription. The size (and therefore cost) of the App Service Plan is chosen by you at deployment time. A Basic B1 plan (~€11/month) is sufficient for most environments.
Ready to Get Started?
Don't have an Enterprise license yet? Upgrade your plan to unlock the Worker and all other Enterprise features.
Last updated