164 lines
5.4 KiB
PowerShell
164 lines
5.4 KiB
PowerShell
<#
|
|
.SYNOPSIS
|
|
Module for read-only Intune objects
|
|
|
|
.DESCRIPTION
|
|
This module is for the Endpoint Info View. It shows read-only objects in Intune
|
|
|
|
.NOTES
|
|
Author: Mikael Karlsson
|
|
#>
|
|
function Get-ModuleVersion
|
|
{
|
|
'3.9.0'
|
|
}
|
|
|
|
function Invoke-InitializeModule
|
|
{
|
|
#Add menu group and items
|
|
$global:EMInfoViewObject = (New-Object PSObject -Property @{
|
|
Title = "Intune Info"
|
|
Description = "Displays read-only information in Intune."
|
|
ID = "EMInfoGraphAPI"
|
|
ViewPanel = $viewPanel
|
|
AuthenticationID = "MSAL"
|
|
AllowDelete = $false
|
|
ItemChanged = { Show-GraphObjects -ObjectTypeChanged; Invoke-ModuleFunction "Invoke-GraphObjectsChanged"; Write-Status ""}
|
|
Activating = { Invoke-EMInfoActivatingView }
|
|
Authentication = (Get-MSALAuthenticationObject)
|
|
Authenticate = { Invoke-EMInfoAuthenticateToMSAL }
|
|
AppInfo = (Get-GraphAppInfo "EMAzureApp" "d1ddf0e4-d672-4dae-b554-9d5bdfd93547" "EM")
|
|
SaveSettings = { Invoke-EMSaveSettings }
|
|
Permissions = @()
|
|
})
|
|
|
|
Add-ViewObject $global:EMInfoViewObject
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Baseline Templates"
|
|
Id = "BaselineTemplates"
|
|
ViewID = "EMInfoGraphAPI"
|
|
API = "/deviceManagement/templates"
|
|
ShowButtons = @("Export","View")
|
|
Permissons=@("DeviceManagementConfiguration.ReadWrite.All")
|
|
Icon="EndpointSecurity"
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Android Google Play"
|
|
Id = "AndroidGooglePlay"
|
|
ViewID = "EMInfoGraphAPI"
|
|
ViewProperties = @("bindStatus", "lastAppSyncDateTime", "ownerUserPrincipalName")
|
|
API = "/deviceManagement/androidManagedStoreAccountEnterpriseSettings"
|
|
ShowButtons = @("Export","View")
|
|
Permissons=@("DeviceManagementConfiguration.ReadWrite.All")
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Android Enrolment Profiles"
|
|
Id = "AndroidEnrolmentProfiles"
|
|
ViewID = "EMInfoGraphAPI"
|
|
API = "deviceManagement/androidDeviceOwnerEnrollmentProfiles"
|
|
ShowButtons = @("Export","View")
|
|
Permissons=@("DeviceManagementConfiguration.ReadWrite.All")
|
|
Icon = "AndroidCOWP"
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Apple VPP Tokens"
|
|
Id = "AppleVPPTokens"
|
|
ViewID = "EMInfoGraphAPI"
|
|
ViewProperties = @("appleId", "state", "appleId", "id")
|
|
API = "/deviceAppManagement/vppTokens"
|
|
ShowButtons = @("Export","View")
|
|
Permissons=@("DeviceManagementConfiguration.ReadWrite.All")
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Apple Enrollment Tokens"
|
|
Id = "AppleEnrollmentTokens"
|
|
ViewID = "EMInfoGraphAPI"
|
|
ViewProperties = @("tokenName", "appleIdentifier", "tokenExpirationDateTime", "id")
|
|
API = "/deviceManagement/depOnboardingSettings/?`$top=100"
|
|
ShowButtons = @("Export","View")
|
|
Permissons=@("DeviceManagementServiceConfig.ReadWrite.All")
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
|
|
Add-ViewItem (New-Object PSObject -Property @{
|
|
Title = "Tenant Settings"
|
|
Id = "TenantSettings"
|
|
ViewID = "EMInfoGraphAPI"
|
|
API = "deviceManagement/settings"
|
|
NameProperty = "Name"
|
|
AlwaysImport = $true
|
|
#ExportFullObject = $true
|
|
ViewProperties = @("Name")
|
|
ShowButtons = @("Import","Export","View")
|
|
Permissons=@("DeviceManagementConfiguration.ReadWrite.All")
|
|
PreImportCommand = { Start-PreImportTenantSettings @args }
|
|
GetObjectName = { Start-GetObjectNameTenantSettings @args }
|
|
PostListCommand = { Start-PostListTenantSettings @args }
|
|
Icon="TenantSettings"
|
|
ExpandAssignmentsList = $false
|
|
})
|
|
}
|
|
|
|
function Invoke-EMInfoActivatingView
|
|
{
|
|
if(-not $global:EMInfoViewObject.ViewPanel)
|
|
{
|
|
# Use the same view panel as Intune Manager
|
|
$global:EMInfoViewObject.ViewPanel = $global:EMViewObject.ViewPanel
|
|
}
|
|
}
|
|
|
|
function Invoke-EMInfoAuthenticateToMSAL
|
|
{
|
|
$global:EMInfoViewObject.AppInfo = Get-GraphAppInfo "EMAzureApp" "d1ddf0e4-d672-4dae-b554-9d5bdfd93547" "EM"
|
|
Set-MSALCurrentApp $global:EMInfoViewObject.AppInfo
|
|
$usr = (?? $global:MSALToken.Account.UserName (Get-Setting "" "LastLoggedOnUser"))
|
|
if($usr)
|
|
{
|
|
& $global:msalAuthenticator.Login -Account $usr
|
|
}
|
|
}
|
|
|
|
function Start-PreImportTenantSettings
|
|
{
|
|
param($obj, $objectType)
|
|
|
|
$objClone = $obj | ConvertTo-Json -Depth 50 | ConvertFrom-Json
|
|
if($objClone.deviceComplianceCheckinThresholdDays -lt 1)
|
|
{
|
|
$objClone.deviceComplianceCheckinThresholdDays = 30
|
|
}
|
|
Remove-Property $objClone "@odata.type"
|
|
$json = @{ "settings" = $objClone } | ConvertTo-Json -Depth 50
|
|
(Invoke-GraphRequest -Url "deviceManagement" -Content $json -HttpMethod "PATCH") | Out-Null
|
|
|
|
return (@{"Import"=$false})
|
|
}
|
|
|
|
function Start-GetObjectNameTenantSettings
|
|
{
|
|
param($objList, $objectType)
|
|
|
|
return "Tenant Settings"
|
|
}
|
|
|
|
function Start-PostListTenantSettings
|
|
{
|
|
param($objList, $objectType)
|
|
|
|
if(($objList | measure).Count -eq 1)
|
|
{
|
|
$objList[0].Name = "Tenant Settings"
|
|
#$objList[0] | Add-Member -MemberType NoteProperty -Name "SettingName" -Value "Tenant Settings"
|
|
}
|
|
$objList
|
|
} |