Compliance state always 'Compliant' when remediation script runs
Use the output from Remediation to test and see if it was actually successful rather than assuming it was successful. Only way is to have a true non-compliance is to throw a non-zero exit code when using a script.
Today we have the same problem with our script.
We have contacted microsoft via the memcm console feedback and they write this is the normal behaviour.
I don't understand because it's a logically missdesign.
The task should look like: Run Discovery Script, if necessary run remediation script, run discovery script again and get back the output. Compare wit the compliance rule and set non-compliant or compliant.
Error should only happens, when the script get an error.
This is not my experience. If I have my remediation script produce output that is not the same as the detection script for determining compliance (e.g. STRING NOT EQUAL 'OK'), my CI/baseline will return non-compliance - which in the non-compliance string produced by the script and returned through the state message, I detail the reason for the non-compliance (e.g. '[X] was less than the threshold for compliance [Y]').