There are articles and forum posts from people who upgraded to Windows 11 24H2 and are experiencing Wi-Fi issues. In this blog post, I will share an Intune Remediation script that may resolve the issue on your devices.
24h2 Wi-Fi issue?
“If you’ve upgraded to Windows 11 version 24H2 recently and found yourself staring at a ‘No Internet Access’ warning, you’re not alone. A lingering bug in Microsoft’s latest Windows 11 update has left countless PCs struggling to connect to Wi-Fi networks properly, with a crippling DHCP issue at its core. Let’s unpack what’s going on, why this is a big deal, and what (if anything) you can do about it.
The crux of the problem lies in how Windows 11 24H2 communicates with DHCP servers. DHCP (Dynamic Host Configuration Protocol) is what assigns an IP address to your device, enabling it to connect to the internet. But since this update rolled out, numerous users have reported that their PCs aren’t receiving a valid IP address via DHCP. Instead, they’re receiving an Automatic Private IP Address (APIPA) — essentially a random, self-assigned IP address that has all the connectivity prowess of a stone-age modem. If your PC pulls an APIPA address, it means it can’t communicate with the DHCP server, resulting in no internet access.”
Remediation?
Microsoft Intune offers a solution called Remediation (More information here: Remediations | Microsoft Learn), which consists of Detection and Remediation scripts. The Detection script will check at intervals whether your machine has a specific setting, value, piece of software, etc., and will start the Remediation script to fix it. After that run, it will continue checking. (This is different from using Platform Scripts. These will run until they are successfully executed and will not run again.)
Note: Proactive Remediations are only available for customers with the following licenses:
– Windows 10/11 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5)
– Windows 10/11 Education A3 or A5 (included in Microsoft 365 A3 or A5)
– Windows 10/11 Virtual Desktop Access (VDA) per user
How do the scripts work to fix this issue?
One solution to the issue is to remove the “WinHTTPAutoProxySvc” (WinHTTP Web Proxy Auto-Discovery Service) dependency from the Windows Connection Manager service. You can do that manually by editing the Registry, but that’s why we have Intune, right? 🙂
The scripts will do that for you. The Detection script will check whether the “WinHTTPAutoProxySvc” value is present in the “DependOnService” key at the Registry path: HKLM\System\CurrentControl\SetServices\WcmSvc, and whether the “WinHttpAutoProxySvc” service is configured to be Manual. The Remediation script will remove that value and restart the “Windows Connection Manager” and WLAN AutoConfig” services after configuring the “WinHttpAutoProxySvc” service to be Manual instead of Disabled.
The Detection script
Below are the contents of the Detection script; it will exit with exit code 0 when everything is ok. It will exit with exit code 1 if the service is still listed in the “DependOnService” key or when the Service is not configured to be manual, and instruct Intune to start the Remediation script.
#Check Registry
if ((Get-ItemProperty HKLM:\SYSTEM\CurrentControlSet\Services\Wcmsvc | Select-Object -ExpandProperty DependOnService) -contains "WinHTTPAutoProxySvc") {
Write-Output "WinHTTPAutoProxySvc key found in HKLM:\SYSTEM\CurrentControlSet\Services\Wcmsvc, needs Remediation"
$remediationdepeondson = $true
}
else {
Write-Output "WinHTTPAutoProxySvc key not found in HKLM:\SYSTEM\CurrentControlSet\Services\Wcmsvc, no need for Remediation"
$remediationdepeondson = $false
}
#check service
if ((Get-Service -Name WinHttpAutoProxySvc).StartType -ne 'Manual') {
Write-Output "WinHTTP Web Proxy Auto-Discovery Service not configured as Manual, needs Remediation"
$remediationstarttype = $true
}
else {
Write-Output "WinHTTP Web Proxy Auto-Discovery Service configured as Manual, no need for Remediation"
$remediationstarttype = $false
}
#exit with correct exit code
if ($remediationdepeondson -or $remediationstarttype) {
exit 1
}
else {
exit 0
}
The Remediation Script
Below are the contents of the Remediation script. It will remove the “WinHTTPAutoProxySvc” value from the “DependOnService” key and restart the “Windows Connection Manager” and WLAN AutoConfig” services after configuring the “WinHttpAutoProxySvc” service to be Manual instead of Disabled.
#Change Dependency
Set-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\Wcmsvc -Name DependOnService -Value @('RpcSs', 'NSI') -Type MultiString
#Set Service WinHttpAutoProxySvc to Manual
New-ItemProperty -Path HKLM:\SYSTEM\CurrentControlSet\Services\WinHttpAutoProxySvc -Name 'Start' -Value '3' -PropertyType DWORD -Force:$true
#Restart services
Restart-Service WcmSvc, WlanSvc -Force:$true -Confirm:$false
Adding the scripts to Intune
You can follow these steps to add the scripts to Intune:
- Go to Devices – Microsoft Intune admin center
- Select Create
- Fill in the details (Name, Description, Publisher) and select Next
- Select the folder icon next to the Detection script file line, browse to it, and select the Detection.ps1 file.
- Select the folder icon next to the Remediation script file line, browse, and select Detection.ps1 file.
- Select Next
- Select Next
- Click Select groups to include, select the desired group, and click Select.
- Select Daily in the Schedule column and configure the Frequency to Once, Hourly, or Daily and select Apply
- Select Next and Create to complete adding the Remediation scripts to Intune.
Testing the scripts
If you have a device in your environment with Wi-Fi issues, run the Detection and Remediation script manually on that machine. If it works, add more devices to the group specified in the chapter above and continue until all devices are added. (You could filter for devices running Windows 11 24H2 specifically, of course)
Note: The devices that experience issues with Wi-Fi must be connected using Ethernet, of course 😉
Wrapping up
In this blog post, I showed how to remediate the Windows 11 24H2 Wi-Fi issue (if your users are experiencing it) using a Microsoft Intune Remediation script. This will help until Microsoft solves the problem. Please monitor your newsfeeds for that and stop using this Remediation approach then.
You can also download the script(s) from GitHub here.
Thanks for doing the work on this Harm, we appreciate you.
Thank you, means a lot!
The detection script will not work if only the first condition is met, you should use different variables to check if remediation is needed.
Thanks! You’re right, I updated the Detection script on GitHub and in the blog post so that it fails when one of the two conditions is not met.