Documentation Index
Fetch the complete documentation index at: https://docs.runlayer.com/llms.txt
Use this file to discover all available pages before exploring further.
Prerequisites
- Microsoft Intune admin access
- Devices running Windows 10 1607+ or Windows 11, Microsoft Entra joined
Windows Home and S mode are not supported.
Deployment Methods
Intune supports two deployment methods. Choose based on your license:- Platform Script — available with all Intune licenses. Creates a Windows Scheduled Task for recurring scans.
- Remediation — requires Intune P2 (or add-on). Intune handles scheduling natively; no scheduled task is created on the device.
Deployment Steps
Get Deployment Artifacts
In the Runlayer dashboard, go to Settings → MDM Configuration and click Add new to launch the setup wizard. Select Detect as the mode and your MDM platform. The wizard auto-generates an API key and renders the deployment script. Select your deployment method (Platform Script or Remediation) when generating the script.
Add Script in Intune
- Platform Script
- Remediation
- Open the Intune admin center
- Go to Devices > Scripts and remediations > Platform scripts
- Click Add > Windows 10 and later
- Name it (e.g., “AI Watch Detect”) → Next
- Upload the generated script
- Set Signature check to No
- Set Run this script using the logged on credentials to Yes
- Set Run script in 64-bit PowerShell host to Yes
How It Works
- Platform Script
- Remediation
The Intune platform script runs once per device and acts as a bootstrapper:
- Installs the Runlayer CLI and stores credentials
- Runs the scan command immediately
- Creates a Windows Scheduled Task for recurring execution
RunlayerAIWatch) runs on the configured interval (default: 60 minutes) and automatically updates the Runlayer CLI when new versions are available.The scheduled task runs as the logged-on user. Scans only occur while a user is signed in.
Verification
- Platform Script
- Remediation
Monitor script status in Devices > Scripts and remediations > Platform scripts.To verify the scheduled task is running, open Task Scheduler on the device and look for
RunlayerAIWatch. Logs are at %ProgramData%\Runlayer\ai_watch_detect.log.Troubleshooting
Script not running
Script not running
- Ensure the device is Microsoft Entra joined (not just registered)
- Check that the Intune Management Extension service is installed
- Verify the device can reach
https://pypi.org - Review logs in
C:\ProgramData\Microsoft\IntuneManagementExtension\Logs
Script reports success but no data in Runlayer
Script reports success but no data in Runlayer
- Check
%ProgramData%\Runlayer\ai_watch_detect.logfor errors - Verify the organization API key is correct and not revoked
- Ensure the device can reach your Runlayer instance
Authentication fails with 401
Authentication fails with 401
- Verify the organization API key is correct
- Check if the key has been revoked in Runlayer Settings > API Keys
Scheduled task not running (Platform Script only)
Scheduled task not running (Platform Script only)
- Open Task Scheduler and check
RunlayerAIWatchstatus - Verify the recurring script exists at
C:\ProgramData\Runlayer\Scripts\ - Check logs at
%ProgramData%\Runlayer\ - The task only runs while the user is logged in
Remediation shows non-compliant
Remediation shows non-compliant
- Check
%ProgramData%\Runlayer\ai_watch_detect.logfor errors - A non-compliant status means the scan failed — check network connectivity and credentials
- Verify the device can reach your Runlayer host