If you've deployed a new Intune policy and found yourself waiting around for it to show up on a device, here are five ways to force a sync instead of just waiting. Intune syncs automatically every 8 hours by default. That's fine for most situations, but not when you're in the middle of troubleshooting or need a policy applied right now.
This guide covers all five ways to manually force a policy sync on Windows 10 and Windows 11 devices, from quick end-user methods to full PowerShell automation for admins managing a large device fleet.
What Happens When You Force a Sync?
Forcing a sync sends an immediate check-in request from Intune to the device. If the device is online and reachable, it connects to the Intune service and pulls down the latest policies, application assignments, and configuration profiles.
Think of it as the modern equivalent of running gpupdate /force on a domain-joined machine, except instead of querying Active Directory, it's calling home to the Microsoft cloud.
Default Intune Policy Sync Intervals
Before reaching for a manual sync, it's worth understanding Intune's automatic refresh cycle. Policies don't appear on devices instantly after assignment, there's a built-in delay depending on the platform and whether the device is newly enrolled.
Standard refresh interval
| Operating System | Default Refresh Interval |
|---|---|
| Windows 10 / 11 | Every 8 hours |
| Windows 8.1 | Every 8 hours |
| Android | Every 8 hours |
| iOS / iPadOS | Every 8 hours |
| macOS | Every 8 hours |
Newly enrolled device refresh interval
| Operating System | Refresh Frequency After Enrolment |
|---|---|
| Windows 10 / 11 | Every 3 min for 15 min → every 15 min for 2 hrs → every 8 hrs |
| Windows 8.1 | Every 3 min for 15 min → every 15 min for 2 hrs → every 8 hrs |
| Android | Every 3 min for 15 min → every 15 min for 2 hrs → every 8 hrs |
| iOS / iPadOS | Every 15 min for 1 hr → every 8 hrs |
| macOS | Every 15 min for 1 hr → every 8 hrs |
Method 1, Windows Start Menu
The fastest way for anyone to trigger a sync without opening any app. You can start it directly from the Start Menu search results in just a few clicks.
- 1Click the Start button or press the Windows key.
- 2Start typing Company Portal.
- 3In the search results, right-click the Company Portal app.
- 4Select Sync this device from the context menu.
After clicking, the Company Portal app will open to its Settings page and display a "Syncing…" message while the device checks in with Intune.
Method 2, Intune Admin Centre
If you need to sync a device remotely without touching it, the Intune Admin Centre lets you trigger a sync from the portal. This is supported on Windows, iOS/iPadOS, macOS, and Android.
- 1Sign in to the Microsoft Intune Admin Centre.
- 2Go to Devices → Windows.
- 3Select the specific device you want to sync from the list.
- 4Click the Sync button in the action bar at the top.
- 5Click Yes to confirm.
Method 3, Company Portal App
End users can sync their own device directly from the Company Portal app without needing admin access or IT involvement. It's a good option to communicate to your users when they report issues with apps or policies.
- 1Open the Company Portal app from the Start Menu.
- 2Click the Settings icon in the bottom-left corner.
- 3Click the Sync button.
Once complete, you'll see a confirmation message: "Last Sync on [Date Time] was successful."
Method 4, Windows Settings App
No additional apps needed, Windows has a built-in sync option in the Settings app under the work account section. This syncs security policies, network profiles, and managed applications from Intune.
- 1Open Settings → click Start then the gear icon.
- 2Select Accounts.
- 3Click Access work or school.
- 4Select your work account (it has a small briefcase icon).
- 5Click the Info button.
- 6Scroll down to Device sync status and click Sync.
Method 5, PowerShell via Microsoft Graph
For advanced admins, PowerShell via the Microsoft Graph SDK lets you remotely force a sync on a single device or your entire Windows fleet in one go. This is ideal for post-deployment validation or bulk remediation.
Step 1, Install the Microsoft Graph module
First, install the required PowerShell module. Run PowerShell as Administrator and execute:
Install-Module -Name Microsoft.Graph.Intune
Step 2, Connect to Microsoft Graph
Connect your PowerShell session to Microsoft Graph using Connect-MgGraph. A browser window will open for sign-in, use a Global Administrator or Intune Administrator account.
Connect-MgGraph -Scopes "DeviceManagementManagedDevices.ReadWrite.All", "DeviceManagementManagedDevices.PrivilegedOperations.All"
Step 3, Sync a single device
Use the Sync-MgDeviceManagementManagedDevice cmdlet with the target device's ID. You can find the Device ID in the Intune Admin Centre on the device's Overview page.
Sync-MgDeviceManagementManagedDevice -ManagedDeviceId "your-device-id-here"
Step 4, Sync all Windows devices
The script below queries for all Windows-managed devices and fires a sync command for each one. Ideal for fleet-wide policy pushes.
# Get all Windows managed devices
$devices = Get-MgDeviceManagementManagedDevice -Filter "operatingSystem eq 'Windows'"
# Sync each device
foreach ($device in $devices) {
Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $device.Id
Write-Host "Synced: $($device.DeviceName)" -ForegroundColor Green
}
Which Method Should You Use?
Here's a quick summary to help you pick the right method for the situation:
- Start Menu / Company Portal / Settings, best for end users or one-off syncs on a device you have in front of you.
- Intune Admin Centre, best when you need to remotely sync a specific device without physically touching it.
- PowerShell + Microsoft Graph, best for IT admins who need to sync multiple devices at once, automate post-deployment validation, or integrate into a wider scripting workflow.