msendpointmgr / intune Goto Github PK
View Code? Open in Web Editor NEWMicrosoft Intune scripts
License: MIT License
Microsoft Intune scripts
License: MIT License
This causes the script to fail.
Install-Printer.ps1 refuse to run when inf file in a subfolder's name with a space.
I found an few issues with the script
PS C:\temp\ .\Invoke-MSIntuneDriverUpdate.ps1
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:304 char:6
try {
~
Missing closing '}' in statement block or type definition.
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:323 char:62
~
The Try statement is missing its Catch or Finally block.
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:274 char:27
~
Missing closing '}' in statement block or type definition.
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:323 char:62
~
Unexpected token ')' in expression or statement.
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:439 char:129
~~~~~~~
Unexpected token '\Driver' in expression or statement.
At C:\temp\Invoke-MSIntuneDriverUpdate.ps1:724 char:244
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
The string is missing the terminator: '.
+ CategoryInfo : ParserError: (:) [], ParseException
+ FullyQualifiedErrorId : MissingEndCurlyBrace
$LocationServiceStatusValue errors querying value if the value doesn't exist, causing the entire script to fail.
Hi, We have run this script via Intune and it copies the new Wallpaper from our Azure Storage to the Desktop, however, when I check the log it as the following error and does not automatically set our new corporate wallpaper as the default. Any thoughts? Thanks Steve
<![LOG[Failed to revert permissions for wallpaper image file. Error message: Cannot convert value "ALL RESTRICTED APPLICATION PACKAGES" to type "Security2.IdentityReference2". Error: "Some or all identity references could not be translated."]LOG]!><time="14:57:03.980+0" date="06-17-2022" component="WindowsDesktopWallpaper" context="NATIONWIDEHIRE\SteveK" type="3" thread="7268" file="">
<![LOG[Failed to revert permissions for wallpaper image file. Error message: Cannot convert value "ALL RESTRICTED APPLICATION PACKAGES" to type "Security2.IdentityReference2". Error: "Some or all identity references could not be translated."]LOG]!><time="16:59:18.345+0" date="06-17-2022" component="WindowsDesktopWallpaper" context="NATIONWIDEHIRE\SteveK" type="3" thread="6656" file="">
The use of a break
statement after Write-Warning
, when not in a loop, will case also consumers of this commandlet to exit execution. See https://docs.microsoft.com/en-us/powershell/module/microsoft.powershell.core/about/about_break?view=powershell-7.1 section Do not use break
outside of a loop
, switch
, or trap
Write-Warning -Message "Failure to acquire access token. Response with access token was null"; break
Below is with context in PSIntuneAuth.psm1
# Check if access token was acquired
if ($AuthenticationResult.AccessToken -ne $null) {
Write-Verbose -Message "Successfully acquired an access token for authentication"
# Construct authentication hash table for holding access token and header information
$Authentication = @{
"Content-Type" = "application/json"
"Authorization" = -join("Bearer ", $AuthenticationResult.AccessToken)
"ExpiresOn" = $AuthenticationResult.ExpiresOn
}
# Return the authentication token
return $Authentication
}
else {
Write-Warning -Message "Failure to acquire access token. Response with access token was null"; break
}
This isssue can be seen using a script like this.
$Tenant = "sometenant.onmicrosoft.com"
[securestring]$password = ConvertTo-SecureString "AlwaysWr0ng!" -AsPlainText -Force
[pscredential]$credentials = New-Object System.Management.Automation.PSCredential ("[email protected]", $password)
Write-Host "Getting the AuthToken ..."
$Global:AuthToken = Get-MSIntuneAuthToken -TenantName $Tenant -Credential $credentials
Write-Host "This will never be executed ... "
This would be better implemented with this pattern:
else {
Write-Warning -Message "Failure to acquire access token. Response with access token was null";
return $null
}
Hi,
I keep stumbling on reading the registry via an Intune Script.
I have tried the registry path with:
Registry::HKEY_LOCAL_MACHINE\SOFTWARE...
Registry::HKLM\SOFTWARE...
HKLM:SOFTWARE.....
HKLM:\SOFTWARE....
This is my command, which works fine from PowerShell:
Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Provisioning\Diagnostics\AutoPilot -Name 'DeploymentProfileName' | Select-Object 'DeploymentProfileName' -ExpandProperty 'DeploymentProfileName'
Intune Log records the fail as:
<![LOG[[PowerShell] Fail, the details are {"Version":1,"SigningCode":649,"SigningMsg":"(Success) AccountId:00fa6d33-858d-4d5b-9ed2-80dfca1b527b,PolicyId:d5043367-ae81-4ec1-b8c7-684d6d62045d,Type:1,Enforce: Enforcement2. OSVersion:10.0.22621,AgentVersion:1.60.206.0. ","ExecutionMsg":"Get-ItemProperty : Cannot find path 'HKLM:\SOFTWARE\Microsoft\Provisioning\Diagnostics\AutoPilot' because it does not \r\nexist.\r\nAt C:\Program Files (x86)\Microsoft Intune Management \r\nExtension\Policies\Scripts\c9e33b9e-6140-4340-ba29-42028da8c153_d5043367-ae81-4ec1-b8c7-684d6d62045d.ps1:12 char:20\r\n+ ... lotConfig = Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\Provision ...\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~\r\n + CategoryInfo : ObjectNotFound: (HKLM:\SOFTWARE\...stics\AutoPilot:String) [Get-ItemProperty], ItemNotFo \r\n undException\r\n + FullyQualifiedErrorId : PathNotFound,Microsoft.PowerShell.Commands.GetItemPropertyCommand\r\n \r\n\r\n"}]LOG]!><time="10:15:26.0134720" date="11-24-2022" component="IntuneManagementExtension" context="" type="3" thread="85" file="">
Hello I got this error via Intune Autopilot: Error message: The name "Get-AzStorageBlob" was not recognized as th name of a cmdlet, function script file or executable program. Check the spelling of the name, or if the path is correct (if included), and retry the operation.
Any idea? It looks like the module is missing.
Pretty cool script. I get an parse error - I'm not great with PowerShell. Any ideas?
The image file is public and online, and both the store account name and account container name er correct.
Any suggestions? :)
New-AzStorageContext : Invalid URI: The hostname could not be parsed.
At \vmware-host\Shared Folders\Desktop\set-wallpapers-script-v2.ps1:68 char:30
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Could you check for either the AzureAD or AzureADPreview module as a prerequisite? I only have the AzureADPreview module installed, which would work fine.
If no driver package is found, a variable should be set so that the drivers are searched automatically in a further step.
Line 335 in Get-IntuneManagedDeviceBitLockerKeyPresence.ps1 should look like:
$BitLockerRecoveryKeys = Invoke-MSGraphOperation -Get -APIVersion "v1.0" -Resource "informationProtection/bitlocker/recoveryKeys?`$select=id,createdDateTime,deviceId" -Headers $AuthenticationHeader -Verbose:$VerbosePreference
A command Get-IntuneWin32AppAssignment, that returns the app assignments in a data structure that can be applied using the Add-IntuneWin32AppAssignment would help in many scenarios.
[parameter(Mandatory=$false, HelpMessage="Specify the AppRegistration Secret for the Application ID.")]
[ValidateNotNullOrEmpty()]
[string]$AppSecret,
And change the token retrieval:
$Global:AuthToken = Get-MSIntuneAuthToken -TenantName $TenantName -ClientID $ApplicationID -ClientSecret $AppSecret
As long as the custom AppID has appropriate permissions, it SHOULD be remotable.
90:
because the certificate can carry multiple FQDN it should be changed to:
same for $ClientAuthenticationCertificate in line104
This is the only script output given:
Usage: /s /e /f
/s - Un-package the package in silent mode (not showing user interaction UI)
/f - Runtime switch that overrides the default target path specified in build time
/e - Prevent execution of default executable file specified in build time.
Only extracting the content files to target folder(Use this with /s /f)
The logs show it waiting for the driver extraction but nothing is extracted to the driver folder, so after the 30 second sleep it says there are no driver inf files found.
When I run the following manually, it extracts:
PS C:\Temp\SCConfigMgr\Temp\Driver Cab> .\sp99401.exe /s /e /f "C:\Temp\SCConfigMgr\Temp\Driver Files"
Currently, code to retrieve $ServerFQDN from "Certificates/Install-MSIntuneNDESServer.ps1" retrieves the logged on user's domain to append to the computername:
$ServerFQDN = -join($env:COMPUTERNAME, ".", $env:USERDNSDOMAIN.ToLower())
To make this more universal, in case the user logged in is not in the server domain, suggest using the .NET class:
$ServerFQDN = [System.Net.Dns]::GetHostByName($env:computerName).HostName
This will make the variable correct independent of the logged on user's DNS domain.
Hi Nickola.
I was trying to run this script in ISE and PS 7, but I'm getting different errors depending on the used app.
ISE:
WARNING: An error occurred while attempting to retrieve an authentication token. Error message: Cannot convert argument "builder", with value: "Microsoft.Identity.Client.PublicClientApplicationBuilde
r", for "WithDesktopFeatures" to type "Microsoft.Identity.Client.PublicClientApplicationBuilder": "Cannot convert the "Microsoft.Identity.Client.PublicClientApplicationBuilder" value of type "Microso
ft.Identity.Client.PublicClientApplicationBuilder" to type "Microsoft.Identity.Client.PublicClientApplicationBuilder"."
PS 7:
WARNING: An error occurred while attempting to retrieve an authentication token. Error message: A parameter cannot be found that matches parameter name 'CreateIfMissing'.
Is there anything I can do for making it to work?
Thanks in advance!
I am trying to use the latest version of Upload-WindowsAutopilotDeviceInfo (1.2.1)
The notes say "1.2.1 - (2023-06-07) Improved access token retrieval, now supports client credentials flow using ClientID and ClientSecret parameters"
Yet when I run the script and pass a CLIENT ID and a CLIENT secret from an azure app I made, it still pops up with a username and password prompt. What am I doing wrong?
Is there any guidance to how to create the enterprise app to work right? What permissions should be turned on in the app?
Example of code I tried.. but it still asks for a username and password.
Install-Script -Name Upload-WindowsAutopilotDeviceInfo -force -confirm:$false -Scope "AllUsers"
$tenant = "mydomain.com"
$ClientID = "12sdsdsdsd-ffff-ssss-eeee-dsfsdfsdfsdf"
$Clientsecret = "blablablabla"
cd "$env:ProgramFiles\WindowsPowerShell\Scripts"
./Upload-WindowsAutopilotDeviceInfo -TenantName $tenant -ClientID $clientID -ClientSecret $clientsecret
MS technet has 1.0.4 while this git repo only contains 1.0.2.
Hello,
Can you update this script to include the recent fixes to Autopilot Whiteglove?
Currently user-targeted apps are not deploying when using this script to add Autopilot devices.
https://oofhours.com/2020/04/20/random-news-of-the-week-new-white-glove-fix-updated-intune-module/
Hello all,
I'm currently ramping up for our new IPU sequence and working through testing with our CMG. When trying to get the script working, it keeps getting to a failure when trying to pull a token. I was able to track down the sign-in logs to find the following error in AzureAD:
Application '{appId}'({appName}) is requesting a token for itself. This scenario is supported only if resource is specified using the GUID based App Identifier.
I have all of the variables set as recommended, including using a custom MDMApplicationIDURI (our Desktop Analytics registration took the default https://ConfigMgrService). This was not set in our last IPU project as we had not enabled Desktop Analytics at that point.
I'm struggling to resolve the above failure though, which I believe will allow the rest of the script to work. Any help/guidance is appreciated.
This Module checks if AzureAD module is installed and it checks and install it . also clobber with AzureADpreview.
This code is not working in Azure Automation account because on Azure Automation sandbox they dont allow installing modules . can you please fix this behavior
hi,
i am running the Invoke-HPDriverUpdate.ps1 script and i am getting this log file error. Any idea if this is a cert issue on the HP side or on my side? i ran all of the steps manually (downloaded the latest HPCMSL and HPIA w/o error).
<![LOG[Unable to install HPCMSL module from repository. Error message: Authenticode issuer 'CN=HP Inc., OU=HP Cybersecurity, O=HP Inc., L=Palo Alto, S=California, C=US' of the new module 'HP.Private' with version '1.6.7' from root certificate authority 'CN=DigiCert Trusted Root G4, OU=www.digicert.com, O=DigiCert Inc, C=US' is not matching with the authenticode issuer 'CN=HP Inc., OU=HP Cybersecurity, O=HP Inc., L=Palo Alto, S=California, C=US' of the previously-installed module 'HP.Private' with version '1.6.4' from root certificate authority 'CN=DigiCert Assured ID Root CA, OU=www.digicert.com, O=DigiCert Inc, C=US'. If you still want to install or update, use -SkipPublisherCheck parameter.]LOG]!><time="17:16:56.730+-480" date="08-22-2022" component="HPDriverUpdate" context="NT AUTHORITY\SYSTEM" type="3" thread="17680" file="">
A command to remove an Intune Win32App would be helpfull.
It runs, it does NOT error, but device never appears in Autopilot and local output is:
@odata.context : https://graph.microsoft.com/beta/$metadata#deviceManagement/importedWindowsAutopilotDeviceI
dentities/$entity
id : dc40a435-c6ca-41a6-812c-2f3b0f477bed
groupTag :
serialNumber : 5P9KMX3
productKey : dc40a435-c6ca-41a6-812c-2f3b0f477bed
importId : dc40a435-c6ca-41a6-812c-2f3b0f477bed
hardwareIdentifier :
assignedUserPrincipalName :
state : @{deviceImportStatus=unknown; deviceRegistrationId=; deviceErrorCode=0; deviceErrorName=}```
Hi there,
Since Microsoft has changed the AzureAD Module to 2.0.2.180 PSIntuneAuth isn't functioning anymore, and therefore scripts that rely on this module, like Invoke-CMApplyDriverPackage and BIOSPackage when requesting packages over the CMG.
It seems PSIntuneAuth has a dependency on the AzureAD module because of some DLLs which don't exist anymore in the latest version of the AzureAD Module.
Work-A-Round for now is installing the AzureAD Module (latest) and then adding the missing DLLs from the 2.0.2.140 version. But possibly a quick fix could be to lock the PSIntuneAuth Module to the AzureAD module that does have those DLLs. Long term however, I'd guess the module (or the Apply Driver & Bios Package scripts) needs a bit of rework to get that Auth token that's being used.
Kind regards,
Kevin
Hello,
Could you please let me know if the downloaded drivers are verified with checksum / hash value?
Line 194:
$ClientAuthenticationKeyContainerName = $ClientAuthenticationCertificate.PrivateKey.CspKeyContainerInfo.KeyContainerName
to
$ClientAuthenticationKeyContainerName = $ClientAuthenticationCertificate.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
Hello,
I deployed Install-CloudLAPS_SchTask.ps1 to Windows 10 devices (different OS languages) through Intune; CloudLAPS was deployed correctly to all targeted devices, however for some devices the Status column returns Failed.
Looking at IntuneManagementExtension.log on these clients I found this error:
[PowerShell] Fail, the details are {"Version":1,"SigningCode":649,"SigningMsg":"(Success) AccountId:cea65ad1-a3f8-45a2-ae0d-56f2ebfa2f75,PolicyId:e9bc75ec-b503-4d3f-8ed6-d3bdf5750708,Type:1,Enforce: Audit. OSVersion:10.0.19044,AgentVersion:1.52.256.0. ","ExecutionMsg":"Install-CloudLAPSClient : Failed to Set ACL on Cloud LAPS Client Script. Error message: Ausnahme beim Aufrufen von \r\n\"RemoveAccessRuleAll\" mit 1 Argument(en): \"Manche oder alle Identitätsverweise konnten nicht übersetzt werden.\"\r\nIn C:\\Program Files (x86)\\Microsoft Intune Management \r\nExtension\\Policies\\Scripts\\879ed8b6-166a-419c-a7e1-ccae81b43443_e9bc75ec-b503-4d3f-8ed6-d3bdf5750708.ps1:622 Zeichen:1\r\n+ Install-CloudLAPSClient\r\n+ ~~~~~~~~~~~~~~~~~~~~~~~\r\n + CategoryInfo : NotSpecified: (:) [Write-Error], WriteErrorException\r\n + FullyQualifiedErrorId : Microsoft.PowerShell.Commands.WriteErrorException,Install-CloudLAPSClient\r\n \r\n\r\n"}
It seems to fail while executing the RemoveAccessRuleAll:
593 - $ACL2 = Get-ACL -Path $CloudLAPSClientScriptPath
594 - $ACE_Remove = New-Object system.security.AccessControl.FileSystemAccessRule("Users", "Read", "Allow")
595 - $ACL2.RemoveAccessRuleAll($ACE_Remove)
.
I suppose the problem is related to FileSystemAccessRule; The Users name (I assume it is referred to BUILTIN\Users) depends on OS language. So converting it to a language neutral:
593 - $ACL2 = Get-ACL -Path $CloudLAPSClientScriptPath
594 - $BuiltinUsers = New-Object System.Security.Principal.SecurityIdentifier -ArgumentList @([System.Security.Principal.WellKnownSidType]::BuiltinUsersSid, $null)
595 - $ACE_Remove = New-Object system.security.AccessControl.FileSystemAccessRule($BuiltinUsers, "Read", "Allow")
596 - $ACL2.RemoveAccessRuleAll($ACE_Remove)
References:
What about ?
hi,
i noticed that HPIA has been superseded from 4.5.8 (sp103654) to 5.0.3 (sp110416). has anyone tested with the newer HPIA?
As per here https://msendpointmgr.com/2019/10/31/silently-enable-bitlocker-for-hybrid-azure-ad-joined-devices-using-windows-autopilot/, we are using this script to force start bitlocker on autopilot enrolled devices.
If the device is already encrypted and a machine reset is performed, the intune process fails and the script log file contains "Group Policy settings require that a recovery password be specified before encrypting the drive".
Can this script be modified in any way to allow an already-ecrypted drive to be refreshed?
thank you!
Just tried to run the command and with or without the -GroupTag parameter we get this error.
<![LOG[======== Intune Driver Automation - Dell Latitude E7440 DRIVER PROCESSING FINISHED ========]LOG]!><time="12:03:08.849+60" date="04-16-2019" component="DriverAutomationScript" context="NT-AUTORITÄT\SYSTEM" type="1" thread="5568" file="">
<![LOG[Driver package location is C:\Temp\SCConfigMgr\Temp\Driver Files]LOG]!><time="12:03:08.942+60" date="04-16-2019" component="DriverAutomationScript" context="NT-AUTORITÄT\SYSTEM" type="1" thread="5568" file="">
<![LOG[Starting driver installation process]LOG]!><time="12:03:09.036+60" date="04-16-2019" component="DriverAutomationScript" context="NT-AUTORITÄT\SYSTEM" type="1" thread="5568" file="">
<![LOG[Reading drivers from C:\Temp\SCConfigMgr\Temp\Driver Files]LOG]!><time="12:03:09.146+60" date="04-16-2019" component="DriverAutomationScript" context="NT-AUTORITÄT\SYSTEM" type="1" thread="5568" file="">
<![LOG[An error occurred while attempting to apply the driver maintenance package. Error message: Dieser Befehl kann aufgrund des folgenden Fehlers nicht ausgeführt werden: Das System kann die angegebene Datei nicht finden.]LOG]!><time="12:03:09.364+60" date="04-16-2019" component="DriverAutomationScript" context="NT-AUTORITÄT\SYSTEM" type="3" thread="5568" file="">
How can i fix that?
I have tried to run the Set-WindowsTimeZone script on several builds of Windows 10 and 11. The only change I made to the script is the key for AzureMaps.
During the Enable-LocationServices function, the following code is used to let Windows apps access location:
Intune/Autopilot/Set-WindowsTimeZone.ps1
Lines 181 to 182 in 539205c
However, by doing so, the location services are still force enabled after the script finished execution:
To get rid of this, I've edited the Disable-LocationServices function to include the LetAppsAccessLocation DWord and set it to 0:
$AppsAccessLocation = "HKLM:\SOFTWARE\Policies\Microsoft\Windows\AppPrivacy"
Set-RegistryValue -Path $AppsAccessLocation -Name "LetAppsAccessLocation" -Value 0 -Type "DWord"
After execution:
Hello has anyone run the script successfully ?
After following the instructions and running the script like this :
.\Get-IntuneManagedDeviceBitLockerKeyPresence.ps1 -TenantID "xxxxxxxxxxxx" -ClientID "yyyyyyyyyy" -State NotPresent -Verbose
This returns all of my devices .
If run with state Present it returns none.
Are these modules compatible with Powershell 7.0.3 ? Everything seem to work fine on Powershell 5, but on Powershell 7 I get the following warnings/errors:
WARNING: Failed to determine if an update to the PSIntuneAuth module is necessary, will continue
WARNING: Failure to acquire access token. Response with access token was null
Please help would be amazing to be able to incorporate this into our work!
The GraphAPI has had a change so there are a couple of things I had to change to fix this. Should I submit my changes below:
Line 175 should be this: $TokenExpireMins = (([datetime]$Headers["ExpiresOn"]).ToUniversalTime() - $UTCDateTime).Minutes
It wasn't converting ExpiresOn to UTC time so any comparison that happened would end up in the past.
Line 335: $BitLockerRecoveryKeys = Invoke-MSGraphOperation -Get -APIVersion "Beta" -Resource "informationProtection/bitlocker/recoveryKeys?`$select=id,createdDateTime,deviceId" -Headers $AuthenticationHeader -Verbose:$VerbosePreference
used to have the -Resource start as just bitlocker/ needed to add in informationProtection/bitlocker
After changing those it works again.
Thanks for this - I came across your script looking to improve my own. A couple of things on my wish-list:
shutdown /r /t 0
to make sure we remove the "empty" Autopilot profile that would have been created if network was available at beginning of OOBE. (Only works on 1809 and later: https://docs.microsoft.com/en-us/windows/deployment/windows-autopilot/troubleshooting#profile-download)Using these two in combination would allow for even less manual work required to enroll and deploy a device.
I might come back to add this in a PR unless you beat me to it - would you consider accepting it in that case?
On my Lenovo machine, the Invoke-MSIntuneDriverUpdate.ps1 update script seems to be failing to parse the catalog.xml file from Lenovo's website.
The console output indicates that the $global:LenovoModelXML
variable is null.
You cannot call a method on a null-valued expression.
At [file path]\MSEndpointMgr\Intune\Drivers\Invoke-MSIntuneDriverUpdate.ps1:268 char:4
+ $global:LenovoModelXML.GetType().FullName | Out-Null
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (:) [], RuntimeException
+ FullyQualifiedErrorId : InvokeMethodOnNull
I did some debugging and the value $global:LenovoModelXML
seems to be null because the script is having trouble parsing the catalog.xml file. The log shows the following:
<![LOG[Error: Cannot convert value "???<?xml version="1.0" encoding="utf-8"?>
<Products>
<Product model="Tablet10" family="len" os="win10" build="*">
<Queries>
<Types>
...
[truncated - goes on to show entire catalog.xml file]
...
</Products>" to type "System.Xml.XmlDocument". Error: "The specified node cannot be inserted as the valid child of this node, because the specified node is the wrong type."]LOG]!><time="19:34:24.399+-360" date="01-06-2022" component="DriverAutomationScript" context="[my username]" type="3" thread="18112" file="">
Could this be related to the XML file's UTF-8 encoding? Some sources seem to indicate that the ???
at the beginning of the file in the log may be a Byte Order Mark (BOM) that's causing problems with parsing.
It doesn't seem like this is specific to my environment, but I'd take any suggestions.
Thank you!
I have set up an App Registration and have added the following permissions:
Group.ReadWrite.All
Device.ReadWrite.All
DeviceManagementManagedDevices.ReadWrite.All
DeviceManagementServiceConfig.ReadWrite.All
GroupMember.ReadWrite.All
When I use this app with the script, it still prompts for me to sign in before the hash is uploaded. Is there a way around this?
Thanks
With the recent announcement from Microsoft that scripts containing the Intune application ID (d1ddf0e4-d672-4dae-b554-9d5bdfd93547) will need to be updated with the new application ID. Does anyone know if this one or those in PowerShell gallery when using "Install-Script -Name Upload-WindowsAutopilotDeviceInfo" will be updated?
Have deployed many of printers with this script but myself and anther coleege are having a issue with the script now where it produces this in the log file
##################################
<time="15:29:04.648 570" date="06-28-2024">
##################################
Install Printer using the following values...
Port Name: IP_10.86.1.53
Printer IP: 10.86.1.53
Printer Name: Unley - Sharp MX-3070V
Driver Name: SHARP MX-3070V PCL6
INF File: su0emenu.inf
<Staging Driver to Windows Driver Store using INF "su0emenu.inf"> <time="15:29:04.827 570" date="06-28-2024">
<Running command: Start-Process pnputil.exe -ArgumentList /add-driver su0emenu.inf -wait -passthru> <time="15:29:04.849 570" date="06-28-2024">
<time="15:29:04.970 570" date="06-28-2024">
<System.InvalidOperationException: This command cannot be run due to the error: The system cannot find the file specified.
at System.Management.Automation.MshCommandRuntime.ThrowTerminatingError(ErrorRecord errorRecord)> <time="15:29:04.995 570" date="06-28-2024">
<time="15:29:05.079 570" date="06-28-2024">
It seems that the install cant find the INF file but i have checked and even decrypted the intunewin to check and the file is in there. Anyone else seen this it seems like an issue with intune deployment in general but posting there to see if anyone is able to assist.
Thank you,
J
I followed the script alternative described in
https://msendpointmgr.com/2021/02/02/manage-desktop-wallpaper-with-microsoft-intune
And I would like some assistance in regards to my client’s failure to take ownership message prompted. I have pushed this script, but I am getting log errors.
I think it is important to notice this Win10 Pro (19042.1052) client’s are all Azure Active Directory Joined and managed through the Microsoft Endpoint Manager and with Windows Defender turned on.
There are no local accounts in the devices. I noticed that I needed to change the Administrator and User security groups to match the local language (Spanish MX).
I do not know if there are other language groups to be changed in the script, or If I am missing out other reasons that could be preventing the for the taking ownership command to execute correctly.
I tried to run the script by logging in physically in one device and permissions are requested in a prompt window. Images downloaded and stored but it is not replacing.
Thanks!
Hi,
There was an AzureAD module version 2.0.2.180 released yesterday. It breaks the Upload-WindowsAutopilotDeviceInfo.ps1 script because of a missing Microsoft.IdentityModel.Clients.ActiveDirectory.dll in this version. Is there an option to update the script with a required old version? And push this to powershellgallery?
Eg.
#Requires -Modules @{ ModuleName="AzureAD"; ModuleVersion="2.0.2.140" }
And maybe later have a new script based on MSGraph module?
Kind Regards,
Jeroen
It would be nice, to have additional parameters for Add-IntuneWin32App command, so the following attributes can be submitted:
When using any command, I get
Failure to acquire access token. Response with access token was null
When using the -Promptbehavior Auto or RefreshSession switch, a window opens with the following error message:
AADSTS90002: Tenant 'token' not found. This may happen if there are no active subscriptions for the tenant. Check to make sure you have the correct tenant ID. Check with your subscription administrator.
I have an active subscription.
Running the Add-IntuneWin32App create a sub folder in the folder containing the intunewin package file with the name of the setup file containing an IntunePackage.intunewin, which is a duplicate of the file given in the FilePath parameter.
If this is necessary, it should be deleted after finishing the command.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google ❤️ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.