thomaskur / intunedocumentation Goto Github PK
View Code? Open in Web Editor NEWAutomatic Intune Documentation to simplify the life of admins and consultants.
License: GNU General Public License v3.0
Automatic Intune Documentation to simplify the life of admins and consultants.
License: GNU General Public License v3.0
It would be very cool if there was an option to output to HTML or Markdown.
Reason:
Then we can automaticly put it on a storageblob with static webpage.
this way we have an updated documentation webpage.
Hello,
I've followed article 7 however I cannot give permission for Powershell.
After pressing accept, nothing happens and cannot see Intune in Enterprise apps
How else can I get the script to work with modern authentication?
We have in our environment in some regions more than 1000 elements.
For example in applications.
We figured out that there are only 1000 apps visible in the document.
From other projects I know that the normal limit for graph calls is 1000.
Maybe it is possible to add an pagination to your script too?
Thank you.
Hi,
In Invoke-PrintAssignmentDetail at string 21 it is
foreach($group in $DCPA)
but should be
foreach($group in $Assignments)
Best regards
Allow users to choose to not output not configured settings to make documentation smaller.
IntuneDocumentation/DocumentIntune.ps1
Line 954 in 41979a9
There's a space to much on this line. Therefor the script didn't work when I tried it.
Hi, we tried to install the Automatic Intune Documentation script with these commands:
Install-Module Microsoft.Graph.Intune
Install-Module PSWord
Install-Module IntuneDocumentation
Invoke-IntuneDocumentation -FullDocumentationPath c:\temp\IntuneDoc.docx
=> Invoke-IntuneDocumentation : The 'Invoke-IntuneDocumentation' command was found in the module 'IntuneDocumentation' but the module could not be loaded.
CategoryInfo : ObjectNotFoud (IntuneDocumentation: string) [], CommandNotFoundException
FullyQualifiedErrorId: CouldNotAutoloadMatchingModule
I hope you can help? Br / John
When you change line 88 in Invoke-IntuneDocumentation.ps1 (#region Document Apps) from
Get-IntuneMobileApp | ForEach-Object {
to
(Invoke-MSGraphRequest -HttpMethod GET -Url https://graph.microsoft.com/beta/deviceAppManagement/mobileApps).Value | ForEach-Object {
you get all app types returned, including win32LobApp and officeSuiteApp.
Get-IntuneMobileApp uses https://graph.microsoft.com/**v1.0**/deviceAppManagement/mobileApps which currently only returns part of the app types.
Is OSX currently supported? When following the instructions I run into the following issues:
Line |
39 | $LogFilePathFolder = Join-Path -Path $Env:TEMP -ChildPath $Sc …
| ~~~~~~~~~
| Cannot bind argument to parameter 'Path' because it is null.
Connect-MSGraph: /Users/<user>/.local/share/powershell/Modules/IntuneDocumentation/2.0.15/Functions/Invoke-IntuneDocumentation.ps1:64
Line |
64 | Connect-MSGraph
| ~~~~~~~~~~~~~~~
| Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
InvalidOperation: /Users/<user>/.local/share/powershell/Modules/IntuneDocumentation/2.0.15/Internal/Get-MobileAppsBeta.ps1:18
Line |
18 | $errorResponse = $ex.Response.GetResponseStream()
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| You cannot call a method on a null-valued expression.```
Hi, ran the script and it worked like a charm but I had an issue with DomainJoin Configuration Profile in Intune. These are in Preview, but is there a way to update the script to capture those too? I have quite a few of those and it would be handy to have them included in the script ;)
Does not work. All ID's are redacted for security reason. I am the Global Admin of that tenant.
PS C:\temp> $p = New-IntuneDocumentationAppRegistration
PS C:\temp> $p | fl
ClientID : 31ddbfbd-563f-
ClientSecret : zbvSsjZcvr
ClientSecretExpiration : 18.02.2022 00:11:21
TenantId : be398df7-
PS C:\temp> Invoke-IntuneDocumentation -FullDocumentationPath c:\temp\IntuneDoc.docx
Here I am asked for Admin consent and granted it
UPN TenantId
--- --------
[email protected] be398df7-
Es ist nicht möglich, eine Methode für einen Ausdruck aufzurufen, der den NULL hat.
In C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-MobileAppsBeta.ps1:18 Zeichen:9
+ $errorResponse = $ex.Response.GetResponseStream()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Get-IntuneAppProtectionPolicy : 400 Bad Request
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"date": "2021-02-17T23:13:43",
"request-id": "128e1a31-43e3-4a0f-8c04
"client-request-id": "128e1a31-43e3-4a0f
}
}
}
In C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Functions\Invoke-IntuneDocumentation.ps1:153 Zeichen:13
+ $MAMs = Get-IntuneAppProtectionPolicy | Where-Object { $_.'@odata ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : Verbindungsfehler: (@{Request=; Response=}:PSObject) [Get-DeviceAppMa...agedAppPolicies], HttpRequestException
+ FullyQualifiedErrorId : PowerShellGraphSDK_HttpRequestError,Microsoft.Intune.PowerShellGraphSDK.PowerShellCmdlets.Get_DeviceAppManagement_ManagedAppPolic
ies
Get-IntuneAppProtectionPolicy : 400 Bad Request
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"date": "2021-02-17T23:13:43",
"request-id": "2d59d983-ef55-
"client-request-id": "2d59d983
}
}
}
Then I tried Invoke-ConditionalAccessDocumentation - this worked and I got a Word-File with content.
########################################################
PS C:\temp> Invoke-ConditionalAccessDocumentation -FullDocumentationPath c:\temp\CADoc.docx
Cmdlet Invoke-ConditionalAccessDocumentation an der Befehlspipelineposition 1
Geben Sie Werte für die folgenden Parameter an:
ClientId: 31ddbfbd-563f-
ClientSecret: zbvSsjZc
Tenant: be398df7-a2a8
#########################################################
Then I tried the other command with the same credetial details. This does NOT work.
PS C:\temp> Invoke-IntuneDocumentation -FullDocumentationPath c:\temp\IntuneDoc2.docx -ClientId 31ddbfbd-563f -ClientSecret zbvSsjZcvr -Tenant be398df7-a2a8
Es ist nicht möglich, eine Methode für einen Ausdruck aufzurufen, der den NULL hat.
In C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-MobileAppsBeta.ps1:18 Zeichen:9
+ $errorResponse = $ex.Response.GetResponseStream()
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
Get-IntuneAppProtectionPolicy : 400 Bad Request
{
"error": {
"code": "AuthenticationError",
"message": "Error authenticating with resource",
"innerError": {
"date": "2021-02-17T23:20:53",
"request-id": "c644bc4c-
"client-request-id": "c644bc4c-
}
}
}
My environment
PS C:\temp> Get-Module -ListAvailable *Azure*
Verzeichnis: C:\Program Files\WindowsPowerShell\Modules
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Binary 2.0.2.128 AzureAD {Add-AzureADApplicationOwner, Get-AzureADApplication, Get-AzureADApplicationExtensionProperty, Get-...
Binary 2.0.2.129 AzureADPreview {Add-AzureADApplicationOwner, Get-AzureADApplication, Get-AzureADApplicationExtensionProperty, Get-...
PS C:\temp> Get-Module -ListAvailable *Intune*
Verzeichnis: C:\Program Files\WindowsPowerShell\Modules
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Script 2.0.19 IntuneDocumentation {Invoke-ConditionalAccessDocumentation, Invoke-IntuneDocumentation, New-IntuneDocumentationAppRegis...
Binary 6.1907.1.0 Microsoft.Graph.Intune {New-AccessActionObject, New-ActivityHistoryItemObject, New-AlertHistoryStateObject, New-AlertObjec...
Manifest 4.8 WindowsAutoPilotIntune {Get-AutopilotEvent, Get-AutopilotProfileAssignedDevice, Remove-AutopilotImportedDevice, Import-Aut...
PS C:\temp> Get-Module -ListAvailable *Graph*
Verzeichnis: C:\Program Files\WindowsPowerShell\Modules
ModuleType Version Name ExportedCommands
---------- ------- ---- ----------------
Binary 6.1907.1.0 Microsoft.Graph.Intune {New-AccessActionObject, New-ActivityHistoryItemObject, New-AlertHistoryStateObject, New-AlertObjec...
PS C:\temp> $PSVersionTable
Name Value
---- -----
PSVersion 5.1.19041.610
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.19041.610
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
Hi,
I am unable to get the documentation..looks it looks for Global Azure Admin credentials? Is it so? Not sure why? Can you advice?
Thanks much,
Anantha
In the output of my script, I received the following output:
WARNING: 2020-10-23 10:56:59+02 WARN You used the option to translate API properties. Some of the configurations of
your tenant could not be translated because translations are missing.
WARNING: 2020-10-23 10:56:59+02 WARN - C:\Program
Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.15\Data\LabelTranslation\#microsoft.graph.androidDeviceOwnerGen
eralDeviceConfiguration.json
WARNING: 2020-10-23 10:56:59+02 WARN - C:\Program
Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.15\Data\LabelTranslation\#microsoft.graph.androidCustomConfigur
ation.json
WARNING: 2020-10-23 10:56:59+02 WARN - C:\Program
Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.15\Data\LabelTranslation\#microsoft.graph.iosWiFiConfiguration.
json
WARNING: 2020-10-23 10:56:59+02 WARN - C:\Program
Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.15\Data\LabelTranslation\#microsoft.graph.androidGeneralDeviceC
onfiguration.json
WARNING: 2020-10-23 10:56:59+02 WARN You can support the project by translating and submitting the files as issue on
the project page. Then it will be included for the future.
WARNING: 2020-10-23 10:56:59+02 WARN Follow the guide here
https://github.com/ThomasKur/IntuneDocumentation/blob/master/AddTranslation.md
I would love to create Translation Files for the Security Baseline (the new Endpoint Security nodes), but I am not sure how to create these files? How can I find the correct DataType and Metadata.
Is this something that can be generated through a script? I am happy to contribute to this
Fantastic work here. I'm compiling documentation for several different tenants am noticing some issues. For example:
I'd like to work with you to troubleshoot. Please contact me.
When trying to run the script on a PowerShell 7 system using either a pre-made App registration or just the default, I get the error message that Connect-MSGraph can't load a type, which means the connection doesn't get started and all else just fails horribly:
$tenant = 'tenantid'
$appid = 'appid'
$secret = 'secret'
Invoke-IntuneDocumentation `
-FullDocumentationPath c:\temp\IntuneDoc.docx `
-ClientId $appid `
-ClientSecret $secret `
-Tenant $tenant
Connect-MSGraph: C:\Users\username\Documents\PowerShell\Modules\IntuneDocumentation\2.0.19\Functions\Invoke-IntuneDocumentation.ps1:94:9
Line |
94 | Connect-MSGraph -ClientSecret $ClientSecret -Quiet
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
InvalidOperation: C:\Users\username\Documents\PowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-MobileAppsBeta.ps1:18:9
Line |
18 | $errorResponse = $ex.Response.GetResponseStream()
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| You cannot call a method on a null-valued expression.
The exact same happens when running
Invoke-IntuneDocumentation -FullDocumentationPath C:\temp\testdoc.docx
Line |
96 | Connect-MSGraph
| ~~~~~~~~~~~~~~~
| Could not load type 'System.Security.Cryptography.SHA256Cng' from assembly 'System.Core, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089'.
InvalidOperation: C:\Users\username\Documents\PowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-MobileAppsBeta.ps1:18:9
Line |
18 | $errorResponse = $ex.Response.GetResponseStream()
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| You cannot call a method on a null-valued expression.
Get-DeviceAppManagement_ManagedAppPolicies: C:\Users\username\Documents\PowerShell\Modules\IntuneDocumentation\2.0.19\Functions\Invoke-IntuneDocumentation.ps1:153:13
Line |
153 | $MAMs = Get-IntuneAppProtectionPolicy | Where-Object { $_.'@odata …
| ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Not authenticated. Please use the "Connect-MSGraph" command to authenticate.
A little bit of digging shows that this seems to be a Connect-MSGraph related issue on PS "core" edition as you can find here.
$psversiontable
Name Value
---- -----
PSVersion 7.1.2
PSEdition Core
GitCommitId 7.1.2
OS Microsoft Windows 10.0.19041
Platform Win32NT
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0
Running the exact same code under Windows PowerShell works just fine.
$psversiontable
Name Value
---- -----
PSVersion 5.1.19041.610
PSEdition Desktop
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0...}
BuildVersion 10.0.19041.610
CLRVersion 4.0.30319.42000
WSManStackVersion 3.0
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
Suggestion is to either update documentation that Windows PowerShell is required or perhaps another solution/workaround for this issue.
Hey,
I am triing to use an own template.
I read that there must just be a "Template.docx" in the same location where I got my script located which runs "Invoke-IntuneDocumentation".
But this is not working.
I created a script called "IntuneDocumentation.ps1" to have some stuff arround and placed the "Template.docx" in the same location.
Thanks.
When I run the script for conditional access I get these two errors. It does not prevent the script from running and producing the documents
You cannot call a method on a null-valued expression.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-AzureADUser.ps1:27 char:9
$errorResponse = $ex.Response.GetResponseStream()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
You cannot call a method on a null-valued expression.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Get-AzureADUser.ps1:27 char:9
$errorResponse = $ex.Response.GetResponseStream()
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Any help appreciated
Nirender
My Azure tenant uses MFA how would I change the code around lines 968 - 975 to leverage MFA? I know it might be related to connect-MSOLService. Im not sure how to gather the tokens etc.
Thanks
Hello,
I'm trying to run this script automatically without user interaction.
It looks like it's not possible because of the "Connect-MSGraph" call.
My guess is that Connect-MSGraph tries to prompt for the user credentials which doesn't work when starting this script in an automated and unattended way.
Connect-MSGraph does provide some switches that could be used to remove the need of user interaction like :
What's your take on this one ?
Getting this when attempting to run:
At C:\users\stigespen\Desktop\DocumentIntune.ps1:901 char:20
if($result -eq "OK")    {   Â
~
You must provide a value expression following the '-eq' operator.
At C:\users\stigespen\Desktop\DocumentIntune.ps1:901 char:20
if($result -eq "OK")    {   Â
~
Unexpected token 'Â' in expression or statement.
At C:\users\stigespen\Desktop\DocumentIntune.ps1:901 char:20
if($result -eq "OK")    {   Â
~
Missing closing ')' after expression in 'if' statement.
At C:\users\stigespen\Desktop\DocumentIntune.ps1:893 char:4
if($result -eq "OK")    {   Â
~
The Try statement is missing its Catch or Finally block.
At C:\users\stigespen\Desktop\DocumentIntune.ps1:901 char:26
if($result -eq "OK")    {   Â
~
Unexpected token ')' in expression or statement.
At C:\users\stigespen\Desktop\DocumentIntune.ps1:910 char:1
O365 is a new Object Type and needs to be added.
Hello
I have two factor authenticartion on my admin credentials so when I run the script it prompts me for my crentials but then does not ask for the second factor authentication and fails.
If a conditional access policy has a value for Sign in Frequency then Invoke-ConditionalAccessDocumentation generates an error due to an Invalid Cast.
Cannot convert value "days" to type "System.Int64". Error: "Input string was not in a correct format."
At
Invoke-ConditionalAccessDocumentation.ps1:195
char:9
+ $ResultCAPolicy | Add-Member Noteproperty "S_SignInFrequencyT ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidArgument: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvalidCastFromStringToInteger
Hi Thomas,
Seeing an error with ADMX device configuration profiles. Error output from the script is:
WARNING: 2020-02-12 13:38:42+10 WARN Error reading ADMX setting - [System.Management.Automation.RuntimeException] You
cannot call a method on a null-valued expression.
WARNING: Call the 'Connect-MSGraph' cmdlet to use the updated environment parameters.
DEBUG: 2020-02-12 13:38:43+10 DEBUG Device Configuration (ADMX):
Add-WordText : Object reference not set to an instance of an object.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.11\Functions\Invoke-IntuneDocumentation.ps1:249
char:9
Add-WordText -FilePath $FullDocumentationPath -Heading Headin ...
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add-WordTable : Cannot bind argument to parameter 'InputObject' because it is null.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.11\Functions\Invoke-IntuneDocumentation.ps1:250
char:32
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The word document contained the correct heading for the name of the profile but no data underneath it.
we dont have apple configured, it seems that it failing requesting when its not available.
Get-IntuneApplePushNotificationCertificate : 404 Not Found
{
"error": {
"code": "ResourceNotFound",
"message": "{\r\n "_version": 3,\r\n "Message": "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: d4f43fa4-4791-424c-9cbf-7c4a60796465 - Url:
https://fef.amsub0102.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/applePushNotificationCertificate?api-version=2018-05-24\",\r\n "CustomApiErrorPhrase": "",\r\n "RetryAfter": null,\r\n "ErrorSourceService": "",\r\n "HttpHeaders":
"{}"\r\n}",
"innerError": {
"date": "2020-09-25T09:58:18",
"request-id": "d4f53fa4-4771-454c-9cbf-7c4z60796465",
"client-request-id": "d4f43fa4-4111-424c-9asff-7c4a60796465"
}
}
}
Period Before Pin Reset | PT0S |
---|---|
Period Offline Before Access Check | PT12H |
Period Offline Before Wipe Is Enforced | P90D |
Period Online Before Access Check | PT30M |
Hi,
When running the script, you'll get a error "Failed to retrieve access token from Azure"
hi,
first time i use this wonderfull tool.
I get this erros :
Get-DeviceAppManagement_AndroidManagedAppProtections_Assignments : 400 Bad Request
{
"error": {
"code": "No method match route template",
"message": "No OData route exists that match template ~/singleton/navigation/key/cast/navigation with http verb
GET for request /MAMAdmin_2007/MAMAdminFEService/deviceAppManagement/androidManagedAppProtections('T_efc4d995-xxxx-yyyy-zzzz-fcc96b9d1b0d')/$/microsoft.management.services.api.androidManagedAppProtection/assignments.",
"innerError": {
"date": "2020-07-24T07:22:49",
"request-id": "a756e412-a056-4227-acda-08aa6800478d"
}
}
}
Au caractère C:\Program
Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.16\Functions\Invoke-IntuneDocumentation.ps1:159 : 25
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Hello, I’m trying to contribute to the API names to portal names for this script. I’m following the directions on https://github.com/ThomasKur/IntuneDocumentation/blob/master/AddTranslation.md but I do not get anything for this step “Open one of the displayed json files which are displayed after you generated the documentations.”
running this command- Invoke-IntuneDocumentation -FullDocumentationPath c:\temp\IntuneDoc.docx -UseTranslationbeta
thank you
Hello,
I just tried IntuneDocumentation 2.0.18 on my tenant.
I do like this tool !
But I have 2 custom configuration profils (w10CustomConfiguration) that apprears to be empty in the word file :
These profils are used for ADMX ingestion and for each, the first custom OMA-URI value contains a copy of on premise admx files content (chrome.admx 478KB for the first and Firefox.admx 179KB) for the second) as well as several custom OMA-URI with shorter values.
for others custom configuration profils the settings a well listed in the output docx.
Is there a limit to the size?
Is this a wanted behaviour?
Thanks a lot !
We have required MFA via AAD Conditional Access for all our admins. Hence the auth tokens cannot be retrieved. Is there a workaround?
Even better would be to run this script with non-user credentials, e.g. thru Azure Automation. Any thoughts on that?
Explanation:
Our use case is that we have three independent tenants (Development, Integration and Production) and want to regularly create reports for all three to manually check for config deviations.
Eventually we dream of continuous integration/deployment. But that would definitely require an official Graph API endpoint to read/write Conditional Access policies.
Would it be possible for you to add a switch that would allow us to dump out all of the items in Intune that can be configured? Sadly customers want to see what they can do before they decide what they want to do. I used to have this as an Excel that I manually created but it was just too much to keep it up to date.
This is a great idea. I think Word may not be the right tool For example, if I want to document all APPs across a tenant seeing those in a list, non relative to each other, is still very tricky to parse. If the output was into say excel or even CSV you could have a excel page in a workbook for APPs and each row is a single APP each column is an attribute and you could quickly at a glance see which settings were common across polities. Then another page for Device Configuration, Device Compliance etc. etc.
My small test lab generated a 120 page document that was very interesting but I'm not sure how it would be in a production environment. Just a thought.
If you could that that ability to your script that would be awesome. I am getting the group names, type (user or device), membership type (static or dynamic), the rule if it is dynamic, and the member count.
Would be great to have the new Endpoint Security configurations included in the script. Maybe also the Security Baseline profiles
So a customer can decide to hide a specific setting always
Allow the following configuration in the JSON:
Print = False (Default would be true)
My App Config policies are getting identified as App Protection policies for some reason, in the word document that gets generated. Also, there doesn't appear to be any meaningful configuration data that gets documented in those app protection policies.
Hello, i'm getting the error below. I've ran this before with no issues.
This is a test environment I'm running this on.
Get-Groups : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:57",
"request-id": "88f7adec-286d-4ccb-a837-a9a9f75ca14a",
"client-request-id": "88f7adec-286d-4ccb-a837-a9a9f75ca14a"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:25 char:21
$GroupObj = Get-Groups -groupid $Assignment.target.groupId
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups_Members : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:57",
"request-id": "3304d2d4-fb6b-43e9-94e9-1fd19141ac41",
"client-request-id": "3304d2d4-fb6b-43e9-94e9-1fd19141ac41"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:36 char:20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add-WordTable : Object reference not set to an instance of an object.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail.ps1:29 char:33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:57",
"request-id": "34f5cfb0-d60f-4d57-b018-cc88783ac4b7",
"client-request-id": "34f5cfb0-d60f-4d57-b018-cc88783ac4b7"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:25 char:21
$GroupObj = Get-Groups -groupid $Assignment.target.groupId
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups_Members : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:58",
"request-id": "d7e50f52-8ed5-42ad-8177-09f8949d93f4",
"client-request-id": "d7e50f52-8ed5-42ad-8177-09f8949d93f4"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:36 char:20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add-WordTable : Object reference not set to an instance of an object.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail.ps1:29 char:33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:58",
"request-id": "ac787286-6e6a-43c0-b921-edaf58deb5a4",
"client-request-id": "ac787286-6e6a-43c0-b921-edaf58deb5a4"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:25 char:21
$GroupObj = Get-Groups -groupid $Assignment.target.groupId
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups_Members : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:58",
"request-id": "07a0a9f6-7cbd-438f-ac98-33abddcd3540",
"client-request-id": "07a0a9f6-7cbd-438f-ac98-33abddcd3540"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:36 char:20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add-WordTable : Object reference not set to an instance of an object.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail.ps1:29 char:33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:58",
"request-id": "f605b4fc-ebdf-40f3-9830-f8cb94645cae",
"client-request-id": "f605b4fc-ebdf-40f3-9830-f8cb94645cae"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:25 char:21
$GroupObj = Get-Groups -groupid $Assignment.target.groupId
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Get-Groups_Members : 404 Not Found
{
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '98abd59d-976f-4b23-b4f2-185b3450267a' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2021-03-16T18:09:59",
"request-id": "4e1b8bb4-d163-4ef9-8a35-81395fbc6e6c",
"client-request-id": "4e1b8bb4-d163-4ef9-8a35-81395fbc6e6c"
}
}
}
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail_Assignment.ps1:36 char:20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Add-WordTable : Object reference not set to an instance of an object.
At C:\Program Files\WindowsPowerShell\Modules\IntuneDocumentation\2.0.19\Internal\Invoke-PrintAssignmentDetail.ps1:29 char:33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
At the first the script wasn't working for me. I had to remove an additional space on line 937.
$Global:authToken = get-graphTokenForIntune -User $user -Password $password
Can you make "notConfigured" show as two words "Not configured" or "Not Configured"? A lot of things that are not configured just show up as blank and others show as notConfigured, not sure why but it would be great if you could make them all Not Configured.
For the policy type or oData policy type can you make say something like. "iOS App Protection" instead of "microsoft.graph.iosManagedAppProtection" (as an example)? and we only need one of those two fields, not both.
Receiving following error on global admin without MFA
get-graphTokenForIntune : Failed to retrieve access token from Azure
At line:954 char:21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
get-graphTokenForIntune : access token is null!
At line:954 char:21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.