Comments (4)
Hello!
I've been away a couple of days. I'll try to write some instructions on the weekend.
I use this myself in one of the test environments. So it should be possible.
Cheers!
from intunemanagement.
Hello,
Documentation by Microsoft: Quickstart: Register an application with the Microsoft identity platform
I hope this will get you going:
Go to the Entra Portal
-
Register a new App registration in Entra
-
Note Application Id
-
Add Delegated permissions
-
Microsoft Graph
-
For full support of the app is requires:
DeviceManagementConfiguration.ReadWrite.All,Policy.Read.All,Policy.ReadWrite.ConditionalAccess,Application.Read.All,Agreement.ReadWrite.All,DeviceManagementApps.ReadWrite.All,Organization.ReadWrite.All,DeviceManagementServiceConfig.ReadWrite.All,DeviceManagementMana
gedDevices.ReadWrite.All,DeviceManagementRBAC.ReadWrite.All,CloudPC.ReadWrite.All -
It will also need User.ReadWrite.All,Group.ReadWrite.All but you could set these to read only unless you will let the app create Groups.
-
Grant permissions for the environment
-
-
Go to Authentication
- Click + Add platform
- Click on Mobile and desktop applications
- Check https://login.microsoftonline.com/common/oauth2/nativeclient
- msal value can also be used
Start the Tool
-
Go to Settings
-
Change Application in Endpoint Manager/Intune
- Set drop down to Empty. It will only use custom app if drop down is empty.
- Specify App Id
- Specify Redirect URL to https://login.microsoftonline.com/common/oauth2/nativeclient
-
Save Settings
Restart the Tool
- Custom app settings are only used during startup
Check log for missing permissions. It will have a line stating: "WARNING: Missing scopes:"
You can add missing permissions in the Tool UI by going to you profile picture and click Request Consent. That will only be available if it detects missing permissions. If you feel like the app is adding too many permissions, you can remove them for the App Registration in the Entra portal.
Let me know how you go.
Cheers!
from intunemanagement.
You are a legend! Thank you for the quick write up. Will get it tested tomorrow and let you know.
from intunemanagement.
Thanks @Micke-K - instructions worked perfectly. I was missing the redirect URI in my config.
Graph Permissions:
DeviceManagementConfiguration.ReadWrite.All
Policy.Read.All
Policy.ReadWrite.ConditionalAccess
Application.Read.All
Agreement.ReadWrite.All
DeviceManagementApps.ReadWrite.All
Organization.ReadWrite.All
DeviceManagementServiceConfig.ReadWrite.All
DeviceManagementManagedDevices.ReadWrite.All
DeviceManagementRBAC.ReadWrite.All
CloudPC.ReadWrite.All
Optional:
User.ReadWrite.All
Group.ReadWrite.All
from intunemanagement.
Related Issues (20)
- Request: Add group functionality HOT 1
- Feature Request: Filter by Platform HOT 2
- Compare Intune tenants HOT 7
- Groups and filter HOT 11
- Error 0x87d1fde8 with the Reg Value. HOT 3
- Unable to load anything HOT 2
- Not importing some setting catalog policies HOT 2
- Downloading File not working HOT 8
- Newest Security Baseline for Windows 10 not showing HOT 1
- Wait for state CommitFile HOT 1
- Ability to use passkey when authenticating HOT 1
- cannot load information anymore HOT 3
- File upload fails during application import HOT 2
- Unable to log in HOT 8
- "Microsoft Intune PowerShell" is being decommissioned HOT 1
- Application export copies only json file HOT 3
- Unable to login with Google SSO linked account HOT 1
- App Configuration Policies-Settings details HOT 8
- Baseline policy import HOT 5
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from intunemanagement.