Thursday, January 26, 2023
Latest:

Bridec.com

Microsoft 365 information

Endpoint Manager PowerShell 

How to save Endpoint Manager (Intune) Powershell scripts

Chuck McNeil

This is very handy. This is a big help when merging tenants. This should be easier but there is no way do download or edit via the GUI. Also, In case you are wondering, I was testing a script to activate the admin accounts but would not do that in real life.


New-Item -Force -Path 'C:temp' -ItemType Directory

####################################################

#region Initialization code

$m = Get-Module -Name Microsoft.Graph.Intune -ListAvailable

if (-not $m)

{

Install-Module NuGet -Force

Install-Module Microsoft.Graph.Intune

}

Import-Module Microsoft.Graph.Intune -Global

#endregion

####################################################

Function Get-DeviceManagementScripts(){

<#

.SYNOPSIS

Get all or individual Intune PowerShell scripts and save them in specified folder.

.DESCRIPTION

The Get-DeviceManagementScripts cmdlet downloads all or individual PowerShell scripts from Intune to a specified folder.

Initial Author: Oliver Kieselbach (oliverkieselbach.com)

The script is provided "AS IS" with no warranties.

.PARAMETER FolderPath

The folder where the script(s) are saved.

.PARAMETER FileName

An optional parameter to specify an explicit PowerShell script to download.

.EXAMPLE

Download all Intune PowerShell scripts to the specified folder

Get-DeviceManagementScripts -FolderPath C:temp

.EXAMPLE

Download an individual PowerShell script to the specified folder

Get-DeviceManagementScripts -FolderPath C:temp -FileName myScript.ps1

#>

[CmdletBinding()]

Param(

[Parameter(Mandatory=$true)][String] $FolderPath,

[Parameter(Mandatory=$false)][String] $FileName

)

$graphApiVersion = "Beta"

$graphUrl = "https://graph.microsoft.com/$graphApiVersion"

$result = Invoke-MSGraphRequest -Url "$graphUrl/deviceManagement/deviceManagementScripts" -HttpMethod GET

if ($FileName){

$scriptIds = $result.value | Select-Object id,fileName | Where-Object -Property fileName -eq $FileName

$script = Invoke-MSGraphRequest -Url "$graphUrl/deviceManagement/deviceManagementScripts/$($scriptId.id)" -HttpMethod GET

[System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($($script.scriptContent))) | Out-File -Encoding ASCII -FilePath $(Join-Path $FolderPath $($script.fileName))

}

else{

$scriptIds = $result.value | Select-Object id,fileName

foreach($scriptId in $scriptIds){

$script = Invoke-MSGraphRequest -Url "$graphUrl/deviceManagement/deviceManagementScripts/$($scriptId.id)" -HttpMethod GET

[System.Text.Encoding]::ASCII.GetString([System.Convert]::FromBase64String($($script.scriptContent))) | Out-File -Encoding ASCII -FilePath $(Join-Path $FolderPath $($script.fileName))

}

}

}

Connect-MSGraph | Out-Null

Get-DeviceManagementScripts -FolderPath C:temp

#Get-DeviceManagementScripts -FolderPath C:temp -FileName myScript.ps1

Thank you, okieselbach (Oliver Kieselbach)

You May Also Like

How to connect to Exchange Online PowerShell using modern authentication with MFA

Chuck McNeil

Get a device’s hardware hash and serial number

Chuck McNeil

Microsoft Windows Autopilot deployment scenarios (video)

Chuck McNeil