CYBERDOM

Just another day of IR, Threat-Hunting & Microsoft Security

Run PowerShell via Microsoft Intune

by · August 24, 2018

Microsoft states that everything that you can do through the Azure portal is possible to accomplish with PowerShell as well. This becomes possible because Microsoft has built the new portal on top of the Microsoft Graph API. This post focus on how to Run PowerShell via Microsoft Intune.

If you were to add a new Device Profile, add an App, or create a Compliance Policy, all the actions you take within the portal are processed by the Microsoft Graph API that communicates with the Microsoft Intune backend. With this knowledge in mind, it’s now possible to explore all the possibilities available through the Microsoft Graph API and how it can be used with PowerShell.

The Intune management extension lets you upload PowerShell scripts in Intune to run on Windows 10 devices. The management extension supplements Windows 10 mobile device management (MDM) capabilities and makes it easier for you to move to modern management.

Post Contents Show

Prerequisites for PowerShell via Intune

The Intune management extension has the following prerequisites:

  • Devices must be joined to Azure AD.
  • Devices must run Windows 10, version 1607 or later.
  • Automatic MDM enrollment must be enabled in Azure AD, and devices must be auto-enrolled to Intune.

Configure PowerShell Via Intune

  • Prepare some PowerShell script, for this demo:
    $wshell = New-Object -ComObject Wscript.Shell
    $wshell.Popup(“PowerShell Test via Intune”,0,”Done”,0x1)
  • Login to Azure Intune Portal and go to Device Configuration.
  • From Device, Configuration choose PowerShell script and choose Add

Run PowerShell via Microsoft Intune

  • Then type the name for your script, Upload the PowerShell script and wait for few seconds until the PowerShell will be
    available for configuration.

  • On the Script Options, choose Yes for Run this script using the logged on credentials and select OK and Create the script

  • The choose Assignment and select the relevant group

Once the PowerShell script package is ready, you can wait 15 minutes, and the script will run on the appropriate users.

Note: It is possible to sync your device manually to receive the hand immediately

Once you sync device settings, two actions will occur:

  • Windows 10 will receive Intune Management Extension package
  • A new event id will appear with event id 7045 (Service Name: Microsoft Intune Management Extension)

More Intune blog posts

Microsoft Endpoint Manager Blog – Microsoft Tech Community

Run PowerShell via Microsoft Intune

by · August 24, 2018

Microsoft states that everything that you can do through the Azure portal is possible to accomplish with PowerShell as well. This becomes possible because Microsoft has built the new portal on top of the Microsoft Graph API. This post focus on how to Run PowerShell via Microsoft Intune.
If you were to add a new Device Profile, add an App, or create a Compliance Policy, all the actions you take within the portal are processed by the Microsoft Graph API that communicates with the Microsoft Intune backend. With this knowledge in mind, it’s now possible to explore all the possibilities available through the Microsoft Graph API and how it can be used with PowerShell.
The Intune management extension lets you upload PowerShell scripts in Intune to run on Windows 10 devices. The management extension supplements Windows 10 mobile device management (MDM) capabilities and makes it easier for you to move to modern management.

Prerequisites for PowerShell via Intune

The Intune management extension has the following prerequisites:

  • Devices must be joined to Azure AD.
  • Devices must run Windows 10, version 1607 or later.
  • Automatic MDM enrollment must be enabled in Azure AD, and devices must be auto-enrolled to Intune.

Configure PowerShell Via Intune

  • Prepare some PowerShell script, for this demo:
    $wshell = New-Object -ComObject Wscript.Shell
    $wshell.Popup(“PowerShell Test via Intune”,0,”Done”,0x1)
  • Login to Azure Intune Portal and go to Device Configuration.
  • From Device, Configuration choose PowerShell script and choose Add

Run PowerShell via Microsoft Intune

  • Then type the name for your script, Upload the PowerShell script and wait for few seconds until the PowerShell will be
    available for configuration.

  • On the Script Options, choose Yes for Run this script using the logged on credentials and select OK and Create the script

  • The choose Assignment and select the relevant group

Once the PowerShell script package is ready, you can wait 15 minutes, and the script will run on the appropriate users.
Note: It is possible to sync your device manually to receive the hand immediately

Once you sync device settings, two actions will occur:

  • Windows 10 will receive Intune Management Extension package
  • A new event id will appear with event id 7045 (Service Name: Microsoft Intune Management Extension)



More Intune blog posts
Microsoft Endpoint Manager Blog – Microsoft Tech Community

Tags:

You may also like...

3 Responses

Leave a Reply

error: Content is Protected !!
%d bloggers like this: