Remote Help is included in the Intune licensing and requires both the helper and sharer to install the Remote Help app for Windows. You can find the complete list of license requirements and network requirements here.
- Intune subscription
- Remote Help add-on license or an Intune Suite license for helpers and sharers
- Windows 11 (or Windows 10)
- The Remote Help app for Windows available from aka.ms/downloadremotehelp
- Remote Help is available within the same tenant only
- Remote Help uses port 443(HTTPS) and connects to the Remote Assistance Service by using the Remote Desktop Protocol (RDP)
- Traffic is encrypted with TLS 1.2
Note Remote Help Trial
Remote Help is free for 90 days with up to 250 trial users. One trial is allowed for each organization. See https://learn.microsoft.com/mem/intune/fundamentals/intune-add-ons.
Data collected during the Remote Help session logs are stored on Microsoft servers for 30 days and then deleted. These logs provide the data visible in the history shown in the Microsoft Intune admin center. Microsoft Remote Help session logs do not record actions or keystrokes. Each device will record errors and elevation of privilege actions within the event view.
Administrators should ensure that both the helper and sharer can reach the network endpoints using port 443, as shown in Table 1-16.
TABLE 1-16 Remote Help network endpoints
| Domain/name | Description |
| *.aria.microsoft.com | Used for accessibility features within the app. |
| *.events.data.microsoft.com | Microsoft Telemetry Service. |
| *.monitor.azure.com | Required for telemetry and remote service initialization. |
| *.support.services.microsoft.com | Primary endpoint used for the Remote Help application. |
| *.trouter.skype.com | Used for Azure Communication Service for chat and connection between parties. |
| *.aadcdn.msauth.net | Required for logging in to the application (AAD). |
| *.aadcdn.msftauth.net | Required for logging in to the application (AAD). |
| *.edge.skype.com | Used for Azure Communication Service for chat and connection between parties. |
| *.graph.microsoft.com | Used for connecting to the Microsoft Graph service. |
| *.login.microsoftonline.com | Required for Microsoft login service. Might not be available in preview in all markets or for all localizations. |
| *.remoteassistanceprodacs.communication.azure.com | Used for Azure Communication Service for chat and connection between parties. |
| Allow list for Microsoft Edge endpoints. See https://learn.microsoft.com/en-us/deployedge/microsoft-edge-security-endpoints. | The app uses Edge WebView2 browser control. This article lists the domain URLs that should be added to the allow list to ensure communications through firewalls and other security mechanisms. |