Release Notes

3.9.7 - 2024-06-27

New features

Compare
- Added support for automation with batch job
- Added a new Compare provider - Intune Objects with Exported Files (Name)
  This will support comparison exported policies between environments
- Added support for skipping missing source policies
- Added support for skipping missing destination policies
  Based on Issue 203 and Issue 128
Compliance
- Added support for Compliance v2 policies eg Linx policies

Fixes

Compare
- Renamed default provider to "Exported Files with Intune Objects (Id)" from "Intune Objects with Exported Files"
Generic
- Fixed issue with domain names with special characters in Profile info
  Based on Issue 237
- Lots of spelling and languag fixes in documentation, script and UI
  A huge thank you to @ee61r1 for doing all this!
Import/Export
- Added support for exporting script for MacOS Custom attribute
  Based on Issue 244
Documentation
- App Configuration (Device) documentation updated
  Hopfully add support for Android. Not verified since I don't have one in my test environment
  Please continue discussion on the Issue below if this is still not working
  Based on Issue 231
- Added support for documenting MacOS Custom attribute
  Based on Issue 244
- Fixed issed when documenting Shell script. Code was not included
- Language files re-generated
- AppTypes file re-generated. Some apps were not documented with proper name

3.9.6 - 2024-04-22

BREAKING CHANGE
Microsoft are decommissioning the Intune PowerShell App with id d1ddf0e4-d672-4dae-b554-9d5bdfd93547, mentioned here
This was the default app in IntuneManagement. The default app is now changed to Microsoft Graph PowerShell app with id 14d82eec-204b-4c2f-b7e8-296a70dab67e
The script will automatically use that app for new installationsbr
A warning to change will be displayed if d1ddf0e4-d672-4dae-b554-9d5bdfd93547 is used
You can also register a new app, documented here and then configure that app in Settings

Note: This might require consent for the required permissions

There is no change if you are currently using a custom app or already changed to Microsoft Graph PowerShell in Settings

Also note that changing application will reset cached accounts

New features

Compare
- Added support for ignoring Basic properties and Assignments
  Based on Issue 203 and Issue 128
  NOTE: Properties will be logged but with empty value for Match

Fixes

Compare
- Fixed issue when comparing Settings Catalog settings with child settings eg Hardened UNC Paths in Security Baseline
Import/Export
- Added support for import of MSIX app content
  Based on Discussion 191
- Disable autoload of modules to prevent loading MSGraph module if found
  Based on Issue 208
Documentation
- Language files re-generated.
- AppTypes file re-generated. Some apps were not documented with proper name.

3.9.5 - 2024-01-20

Fixes

Import/Export
- Assignments were not exported for some policies with trailing . in the name
  Based on Issue 184
  NOTE: Policy will not export if full path is over 260 characters
- Fixed issue with policies not being exported when Batch was enabled in Settings
  and there was only one policy for the specified object type
- Failed to get App Protection policies when Proxy was configured
- Fixed issue with importing policies with dependency in tenants with 100+ policies for a single policy type
  Dependency only imported first page. All pages will be imported now to resolve dependencies
  Based on Issue 183
Fixed issue with multiple export folders when using %DateTime% in path
Based on Issue 189
Get Assignment Filter usage
- Filters not returned if only assigned to one policy
  Based on Issue 141
  NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
Compare
- Comparing Settings Catalog objects with exported objects failed
  Issue cause by offline documentation was not working
  Based on Issue 183
Documentation
- Offline documentation of Settings Catalog was not working.
  Values were always documented from online object
- Conditional Access documentation updates for Android and iOS
- App Protection documentation updates for Android and iOS
- Language files re-generated. Azure shou now be Entra for some documentations.

3.9.4 - 2023-12-18

Fixes

Get Assignment Filter usage
- All policies that supports filter should now be collected
  Please create an issue if not all expected filters are listed
  Based on Issue 141
  NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
Documentation
- Added support for documenting Conditional Access policies based on Workloads
  Not 100% tested. Please report if not documented correctly

3.9.3 - 2023-12-11

New features

New tool - Get Assignment Filter usage
- List all policies and assignments with a Filter defined
  Based on Issue 141
  NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
Batch Export of App Content Encryption Key from Intunewin files
This script can export encryption keys from existing intunewin files
Example:
Export-EncrytionKeys -RootFolder C:\Intune\Packages -ExportFolder C:\Intune\Download
This will export the encryption key information for each .intunewinfiles under C:\Intune\Packages
One json file will be created (for each .intunwinfile) in the C:\Intune\Download folder
File name will be <IntunewinFileBaseName>_<UnencryptedFileSize>.json
Do NOT rename this file since the script will search for that file when downloading or exporting App content
The script will not require authentication and it will have no knowledge of apps in Intune
Filename and unencrypted file size is used as the identifier to match app content in Intune with encryption file
Important notes:
Exported and decrypted .intunewin files are not supported to use for import at the moment.
These files are just the "zip" version of the source and can be unzipped with any zip extraction tool
The .intunewin file used for import has the "zip" version of the file and an xml with the encryption information +
additional file information eg. msi properties, file size etc.
Use the exported unencrypted "zip" version to restore the original files. Re-run the packaging tool if it should be re-used as applications content

Please report any issues or create a discussion if there are any questions
Script is located: <RootFolder>\Scripts\Export-EncrytionKeys.ps1

Fixes

Export
- Fixed issue where Assignments were included in export even if 'Export Assignments' was unchecked
  Based on Issue 171
Documentation
- Fixed issue where filter was not documented on some policies
- Fixed issue with Word Output provider if a policy only had one settings
Custom ADMX Files
- Fixed bug with migrating custom policies between environments. Cache was not cleared when swapping tenants or imported additional ADMX files
- Fixed documentention issue with Administrative template policies in GCC environment. Name and Category was missing
  Based on Issue 174
- Custom ADMX based policies was missing properties when swapping tenant
  Based on Issue 124
Generic
- Fixed logging issues when processing objects with a group that was deleted. ID was not reported
- Generic Batch request function created to support other batch requests eg Groups

3.9.2 - 2023-10-17

New features

Application Content Export - Experimental
- Added support for Exporting Appliction with decrypted content
  App file can be downloaded during export or from the detail view of the Application
  Enable "Save Encryption File" and specify "App download folder" in Settings
  "App download folder" is used for encryption file and manual download
  File content will be downloaded to the export foler during export
  Files will be downloaded with .encrypted extension and then decrypted to original file name
  Please report any issue or any suggestions
  NOTE: This will ONLY work if the encryption file is exported and available
Authentication
- Login with application
  This will login with specified Azure App ID and Secret/Certificate that is used for Batch processes
  NOTE: This will require a restart of the app
  Start with app must use -TenantID on command line. AppID and Secret/Certificate can be specified in Settings or command line
  Example: Start-IntuneManagement.ps1 -tenantId "<TenantID>" -appid "<AppID>" -secret "<Secret>"
  See Start-WithApp.cmd for samle file
  Based on Issue 122 and Issue 134
Support for new Settings
- Save encryption file - Saves a json file with encryption data when an application file is uploaded eg created or uploaded in details view
- App download folder - Folder where application files should be downloaded and decrypted
- Login with App in UI (Preview) - Use app batch login in UI
- Use Graph 1.0 (Not Recommended) - Use Graph v1.0 instead of Beta. Note: Some features will NOT work in v1.0
  Based on Issue 170

Fixes

Documentation
- Language files re-generated eg Supersedence (preview) -> Supersedence
- Added support for documenting "Filter for devices" info for Conditional Access policies
  Based on Issue 168
Custom ADMX Files
- Fixed issues with migrating custom policies between environments (3rd time)
  Based on Issue 124
- Fixed issue when importing ADMX files - Encoding issue eg ADMX/ADML file was UTF8
  Based on Issue 169
Importing Windows LoB Apps
- Fixed issue when importing LoB Apps that was only targeted to System context
  Available Assignment option was missing after import
  Based on Discussion 164
- Added support for Depnedency and Supersedence reations at import
  Application will need to be re-exported since additinal data is added to the export file
  Based on Discussion 159
Generic
- Fixed issue when compiling Procxy CS file
- Tls 1.2 is now enforced.
  Based on Discussion 166

3.9.1 - 2023-08-30

New features

Added support for Windows Update Driver Policies
Support for new Settings
- Proxy configuration - If configured, Proxy will be used for authentication, APIs and upload
- Disable Write-Error output - Skip PowerShell errors in output

Default Settings Value Changes

Conditional Access policies will now be imported as Disabled by default
New import option added: As Exported - Change On to Report-only
This is to avoid being locked out from the tenant when importing Conditional Access policies
Based on Discussion 139

Fixes

Documentation
- Fixed issues with some Feature Updates properties
- Added missing strings on Windows Update polices
- Regenerated Language files and Translation tables for Template policies
  Note: Conditional Access string has changed file in background. Please report if there is anything missing
Custom ADMX Files
- Fixed issues with migrating custom policies between environments
- Case reopened due to something broke the initial functionality
- Only custom ADMX policies with #Definition properties can be imported into a new environment
- Based on Issue 124
Scope Tags
- Fixed issues with importing policies with Scope Tags but they were not set
- Based on Issue 133

Generic

Remove invalid characters from path.
Based on Issue 150

3.9.0 - 2023-05-04

New features

Added support for Authentication Context objects
- These are used by Conditional Access policies
  Based on Issue 109
Added support for Windows 365 Cloud PC settings
- Based on Issue 125
Added support for Export/Import Tennant Settings
- This is added the Intune Info view for now (Views -> Intune Info)
  This means that there is no support for Bulk Import/Export. It must be done manually
  This is to minimize the risk of re-importing Tenant settings
  Based on Discussion 131

Fixes

Documentation
- Added full documentation of Requirement and Detection rules for Win Apps
  Based on Issue 119
- Fixed issue were documentation could crash if Reusable Settings policies exists
  Based on Issue 123
- Regenerated Language files and Translation tables for Template policies
Intunwin File Upload
- Fixed issue when uploading very large files
  Based on Issue 112
- Fixed issue when IE not installed
Compare
- Fixed issue where Compare could generate an exception in the log
  Based on Issue 128
  Note: Issue 128 is only partially fixed. Compare needs a major update to fix the rest
Import
- Fixed an issue when creating Cloud groups based on on-prem groups without MigTable
- Fixed an issue when importing groups with a space in the beginning
  Note: Inital spaces will be removed when importing groups
- Fixed issue when importing Endpoint Status Page polices with applications defined
- Fixed issue when importing Proactive Remediations (Health Scripts) with assignments
- Fixed issue when importing a Conditional Policy with Session propery disableResilienceDefaults set to $false
- Fixed issue when importing WiFi profiles. Support for multiple references was added eg multiple server verification certificates
  Based on Issue 114
- Terms of Use was not visible in the menu
  Note: This might generate a Consent prompt if Use Default Permissions is not enabled
  Additional permission required on the Azure App: Agreement.ReadWrite.All

3.8.1 - 2023-01-26

New features

Added support for Reusable Settings objects
- These are used by some of the Endpoint Security polices like Firewall rules
  Based on private request
  Note: No documentation support yet
Added support for custom Authentication Strengths objects
- These can be used in Conditional Access policies
  Based on Issue 109
  Note: Not all issues in 109 are fixed yet and no documentation support yet
Export/Import
- PowerShell files for Health Scripts exported to the Export folder
- PowerShell files for Application Detection scripts are exported to the Export folder
  Both scripts exports are based on Issue 103
Documentation
- Documentation engine completely rewritten for Settings Catalog and had major updates for other object types
  Please create an issue if there are any problems
- Added support for HTML output
- MD output is now official with included support for CSS and single file Output.
  Based on Issue 35
- Added support for indent on sub-properties so it will be visible that a property is set based on a parent
  Based on Discussion 90
- Added option to skip assignments in the documentation
  Based on Issue 102
- Moved some Output options to generic output settings; Document scripts and Remove script signature
Generic
- Added new property on applications, InstallerType. This can be added as a new column to the View for Applications.
  It specifies the New Microsoft Store App type; UWP or Win32
  Based on Issue 101
- Added response information f an API call failed. The log should now have a better description on why an API failed.

Fixes

Documentation
- Lots of documentation issues fixed by the new Documentation engine
- Sections and policies should now be in correct alphabetic order
  Based on Discussion 90
- Fixed issues with assignments for Setting Catalog issues
  Based on Issue 102
- Translation files re-generated
- Fixed error message: "Invoke-WordTranslateColumnHeader is not recognized as the name of a cmdlet" Based on Issue 99
Authentication
- Fixed an issue when authentication to China Cloud
  Based on Issue 106

3.7.4 - 2022-11-17

Fixes

Lots of these issues are based on Issue 94
Thank you Dominique for all the amazing help with testing!

Import/Export
- Added support for Export of TermsOfUse PDF files
  Based on Issue 27
- Fixed an issue where it failed to import .intunewin files during bulk import
- Fixed issue with importing Edge app assignments
- Changed the order for Bulk delete to make sure policies are deleted in the correct order
- Lots of logging fixes for Bulk Export - Logged error when exporting object types not used
- Business Store Apps will not be delete - Not supported
- No import of assignments for default policies (Enrollment Status Page and Enrolment Restrictions)
- Lots of logging fixes for Bulk Delete - Errors if deleting default policies, trying to delete object types that were not used etc.
Documentation
- Added intent for Win32 Assignments
  Based on Issue 98
- Fixed an error when documenting Assignments for Win32 apps - Invoke-WordTranslateColumnHeader was missing/removed
  Based on Issue 99

Logging
- Added additional response error information if it failed to call a Graph API
- Missing groups will now only generate a warning instead of Graph API error
- No error for users without a profile photo

3.7.3 - 2022-10-24

Fixes

Import
- Fixed a bug where it failed to import Endpoint Security policies
- Fixed an issue where it failed to import Assignment Filters. A new property was added that is not supported during the import

3.7.2 - 2022-10-08

New features

Added support for ADMX Files (Preview)
- First version of supporting the ADMX file import
- Support for export/import policies based on ADMX files
  The import/export between environments is very tricky so please report any issues
  Note: The ADMX/ADML files must be copied to the app package folder or the policy exported folder
  The ADMX files imported is based on last modify date. This will make sure files are imported in the correct order eg Mozilla and Firefox ADMX files
  Based on Issue 84
Added support for value output type when documenting Administrative Templates
- Select Output value in the Documentation form. Value with label will add the label when documenting sub-properties
Translate TenantID when migrating policies between environment
- Any policy with a Tenant ID value will be translated when importing to a new environment
  Based on Discussion 83

Fixes

Authentication
- Fixed an issue when auhencating with certificates during batch jobs
  Fixed by @cstaubli. Thank you!
  Based on Issue 85
Export\Import Fixes
- Fixed an issue when importing Microsoft Apps files and the default document format was not set
  Based on Issue 92
Documentation
- Fixed the order of sub-properties when documenting Administrative Templates
- Fixed an issue where some xml values were not documented eg taskbar xml
- Translation files re-generated

3.7.1 - 2022-08-08

Fixes

UI
- Fixed a bug where the menu bar was empty if not logged in

3.7.0 - 2022-08-02

Breaking changes

A third header level was added when documenting to word
This level is used during bulk documentation and a group has more than one object type
Eg. The Conditional Access group documents Conditional Access, Named Locations and Terms of Use
The document will now have one section for each object type as third header level

This could break documentation if a custom word template is used, and it does not have a third level header named 'Heading 3'
Specify the name of the 'Header 3 style' value in the Word settings before documenting

New features

Support for tenant menu colors
- Set colors and add tenant name to the menu bar
- Configure this in Tenant Settings and use this to distinguish lab from production environments
  Based on Issue 63
Support for Compliance Scripts
- Added support to Export, Import and Document Compliance Scripts profiles
- Compliance Script will now be included when documenting Compliance policy objects
  Based on Issue 60

Setting changes

'Allow update on import (Preview)' is removed
The 'Import type' is now always available
Note that Replace/Update are not fully verified yet
Based on Issue 68

Fixes

Export\Import Fixes
- Target app groups was not set properly for App Protection policies during import
  Based on Issue 67
- Scope Tags were not assigned to objects during import
  This happened in environment where Scope Tags already existed before import
  Labels renamed to clarify that Scope Tags are assigned and not imported during import
  Based on Issue 61
- Default branding file had double dots in the exported file name Issue 64
- Added API throttling during batch mode
Documentation
- Some properties were not documented for Endpoint Security objects
- Authentication context name added to Conditional Access
- Translation files re-generated. This might add support for updated settings eg DFCI objects now uses separate category files

3.6.0 - 2022-06-29

New features

Silent batch job

Added support for silent batch documentation
Based on Issue 39

Support for Co-management Settings

Added support for Export,Import and Document Co-management Settings profiles

Documentation

Re-generated language files and translation files
Some changes in Android profiles, iOS VPN and Windows Wired Network
Add support for documenting the following profiles - Issue 57
- Intune Roles
- Custom Device Type Restrictions

Fixes

UI Fixes
- View did not show properties below 10 levels
Silent batch job - Issue 39
- Unchecking default values was not working
- Failed to start without configuration file
- Failed to authenticate with certificate
Documentation Fixes
- Autopilot Profiles (Issue 50)
- Kiosk Template Profiles (Issue 49)
- Endpoint Protection Template Profiles (Issue 51)
- All User/All Devices Assignments (Issue 54)
- Scope Tags for Filters and PolicySets (Issue 52)
- Local User Group Membership - members were not listed
Export\Import Fixes
- AssignmentFilters were not assigned during import (Twitter reported issue)
- Failed to assigned dependencies during import when dependency objects existed in the environment (Twitter reported issue)
- Failed to import/export lots of policies (Twitter reported issue)
  429 - Too many requests. Graph API throttling kicked in.
- PowerShell script exported with wrong encoding (Issue 48)

3.5.0 - 2022-04-26

New features

Automatic update check
The app will check GitHub at start-up if there is a new version available
This can be disabled in settings
Use PowerShell 5
Command files will now use PowerShell 5 (-version 5 in the command line)
This is based on Issue 44
Documentation
- New Word settings: Table text style and table caption location
  This is based on an additional request in Issue 37
- Terms of Use info when documenting Conditional Access
- Added documentation support for Terms of Use
- Added additional support for offline documentation
  Note: Offline is defined as documenting an exported folder while logged in to another tenant.
  If logged in to the same tenant as the exported folder, "online" documentation will be used
- Changed the layout for the assignment table on Win32 Applications. There were too many columns so additional info is changed to a table in the value column
- Filter / Filter Mode column headers are now set from language files

Export/Import
- Users in Conditional Access are now added to the Migration Table
  This is so the user IDs can be translated during Offline documentation
- Referenced settings are now included in the export
  This is to support referenced settings during import, copy and offline documentation (Certs on VPN profiles etc.)
  These properties are named #CustomRef_PropertyName in the json file
  Note: This might cause export/copy to take longer once every second week since it requires the MetaData XML for Graph to be downloaded.
  This feature can be turned off by unchecking 'Resolve reference info' in Settings

Copy
- New dialog when copying an object. Description can now be changed during the copy

- **Authentication**
- Full authentication support for US Government and China clouds
This requires that 'Show Azure AD login menu' is enabled in Settings
- Consent can be requested for missing permissions. This can be triggered via the 'Request Consent' link in the user profile info
- New version of MSAL.DLL, version 4.42.1
- Object types with only Read permissions are now supported. These will be orange in the menu
Buttons like Import and Delete will still be available but they will not work

List objects
- IsAssigned column is added to objects that supports it (property on the Graph object)
- Enable 'Expand assignments' in Settings to include Assignments when getting a full list of objects from Graph
  This can be used for adding Custom columns based on assignment info
  It is also used for setting the IsAssigned column for objects that doesn't have the info in Graph
  This is based on Issue 30
- Apps can be filtered in the request
  If there are more than 1000 applications in the environment, the filter box can be used to return only matched items
  Enter the filter in the text box and press the Refresh button. Clear the filter box and click Refresh to reload other objects
  This is based on Issue 28

Fixes

Documentation
- Fixed bug in Conditional Access documentation that caused some Grant information to be excluded from documentation
- Fixed missing properties when documenting Device restrictions (Windows 10 Team) profiles
- Fixed some Offline Documentation issues
  Get dependency info from exported folders instead of Graph
  Offline documentation is not 100% fully supported yet. Dependency applications for Win32 apps are not included in this version
  and there might be more properties missing. Please report anything missing for offline documentation to Issue 37
  Note Offline documentation will always require online access. Some information like language text, Azure roles, Mobile apps etc. will use Graph API
Authentication
- First login with last used account could fail if the user domain was changed after the initial token was cached

3.4.0 - 2022-03-01

New features

Silent batch job Export/Import can now be executed without UI
See documentation for full requirements

Note Please report any issues to Issue 39

This is based on Issue 39
Documentation
- Support for documenting an environment based on exported files
  
  Select the Source files folder in the Documentation Types (Bulk menu) dialog.
  
  Note: Some values will NOT be included. These are referenced values and not a property on the object eg Certificate on a VPN profile, Root certificate on a SCEP profile etc. These values will be documented with ##TBD...
  
  This is based on Issue 37
- Support for attaching the json file for the object in the word document
- Support for documentation output level (Word)
  Documenting the full environment can create a document with 1000+ pages depending on the amount of profiles and policies. The documentation output level can now be used to reduce the document size. The output level options are:
  - Full - Document every single value
  - Limited - Set max value and truncate size for documentation and as option, attach the original value as a text document to the value cell e.g. truncate all values over 500 characters to 10 characters and attach the full value as a text file in the document. This will reduce documentation size for profiles with large XML strings like ADMX ingestion
  - Basic - Only include the Basic and Assignments tables in the documentation
- Added support for documenting Filters
Added UI for configuring custom columns
This can now be done in the Detail View
This is based on Issue 30
Added support for updating Name and Descriptions of the object in Detail View
This is As-Is functionality. Not all object types have been tested.
It is recommended to use the portal for this.
This is based on a private request
Added support for copying an app

Note This requires that the App packages folder is specified in Settings and that the file for the app is available in that folder. If the app file is missing it can be uploaded manually in the Details view

This is based on Issue 42
Added support for manually upload an app file via the Details view

Fixes

Documentation
- Updated documentation files with support for new properties and removed unused values (Windows Updates, Windows Feature Updates etc.)
- Fixed an issue where VPN profiles in some cases was missing the Base VPN settings
- Fixed an issue when using a template
  A table of content will no longer be created. That should be included in the template
Application import
- Minor change in the app Win32 upload functionality to align to portal APIs
- The File Name is now updated to be based on the actual uploaded file
  
  Important Please create an issue if there are any problems
Fixed an issue where ESP and Enrolment Restriction objects were not listed The original filters stopped working

Note The Enrolment restrictions has changed in Graph. There is now one object for each OS type. So there will be multiple restriction objects exported. platformType column was added to identify each object

This is based on Issue 41
Minor fixes in Import/Export extensions - Required for silent batch job support
Fixed an issue where PostListCommand was not triggered
- Additional Endpoint Security columns were not listed
- Azure Branding objects was missing the language column

- Fixed issue where the Document button was not enabled when **Select All** was clicked (without selecting an object first)

This is based on Issue 36

Other minor bug fixes to support the new features

3.3.3 - 2021-12-15

Fixes

Fixed issue where displayName was missing in object list
Thank you Jason!

3.3.2 - 2021-12-14

New features

Markdown support for documentation (Experimental) This will create a MD document in the Documents folder. Note: This is not working 100% at the moment. The script will create a MD document but it might be too large if all objects in the environment are documented.

Also note that HTML tables are used so that code can be documented as code blocks. This must be supported by the MD Viewer. The Markdown Viewer extension in Chrome was used during testing.

Please report any suggestions to the issue.
This is based on Issue 35
Added support for batched export This will use batch API to request full info for up to 20 objects per batch to reduce export time This can be enabled in setting
Added support for scrolling cached users and guest accounts in the profile info
This can be enabled in settings
Added support for sorting cached users
This can be enabled in settings

Fixes

Paged return of objects
Only first page of objects will be loaded by default. Additional pages can be loaded with Load More or all available objects can be loaded with Load All.
This is based on Issue 28
Fixed an issue where a checkbox had to be clicked twice to be checked when the list was filtered
This is based on a known issue
Fixed an issue where buttons were not enabled when Select All was checked
This is based on Issue 36
Fixed an issue when adding object ID to the file name during export The separate settings file was not exported with the ID in the name which could cause issues during import

3.3.1 (Beta) - 2021-10-28

This is a BETA release. It contains core changes for Authentication and Settings management. Please report any issues here.

New features

Added support for selecting GCC when using US Government Cloud
Tenant Specific Setting

The script now supports tenant specific settings. This can be used in scenarios like: only allow delete on you test environments, tenant specific Intune app folders etc. Login settings like Cloud and GCC is only used if logging on with a cached token. It will otherwise use the current tenant settings.

Test feedback request: If there are any users accessing multiple cloud environments like US Government with different GCC levels, please report any issues, working or not. Please report it to Issue 26

Note: Not all settings have be tested and verified and only Setting Values are supported e.g. last Bulk Compare strings are global. Cached settings might not be updated when connecting to another tenant.
Log View

View the log of the current session in the app
Added support for documenting scripts for Word This is based on Issue 34
- New Script options in the Output option tab e.g. enable/disable script documentation, remove PowerShell signature block and documentation styles
- Supports PowerShell/Shell scripts, Proactive Remediations and Win32 Apps (Requirement/Detection scripts)
- Scripts will be documented in a separate table with style HTLM Code by default. Spell check is disabled for the script text.
Permission detection if Use Default Permissions is enabled

Default permissions will only use the permission consented to the selected Azure App. The script will check the required permissions with the Access Token. If permissions are missing for one or more objects, they will be marked as red in the menu or they can be excluded from the menu by enable Hide No-access items in Settings

Default Settings Value Changes

Use Default Permissions is now set to Enabled by default. With the Tenant Specific Settings feature, this can now be enabled globally or per tenant. Consultants accessing multiple environments might not have permissions to grant consent requests so this could be enabled on a global level and then disabled for tenants where the permissions can be added.

Fixes

Fixed an issue when using Json settings where it could not add child settings

3.3.0 (Beta) - 2021-10-17

This is a BETA release. It contains core changes for Authentication and Settings management. Please report any issues here.

New features

Support for Settings in Json files Settings can now be stored in json files and copied between devices.

See Readme on how to use this feature This is based on Issue 33
Bulk Compare for exported folders

The tool can now compare two exported folders This is based on Issue 32
Support for Azure AD US Government cloud and Azure AD China cloud. Default is Azure AD Public cloud.

Change cloud in Settings Note: This is a major change to the authentication. This may have an impact if a custom configured Azure app is used. This is based on Issue 26. Please report any problem, progress or testing with US Government/China cloud or if there are any issues when a custom configured Azure app is used.
Export can now add Id to the name of the backup file

This can be used if there are multiple objects with the same name.

This can be enabled in Settings. Backup file name will be _.json.
Export/Import/Compare/Delete now supports name filter Objects are filtered based on escaped RegEx -nomatch expression so wildcards are not supported.
IntuneAssignments report will now include the id of deleted groups

Fixes

Fixed an issue in Export. Groups were not exported if exporting multiple times and multiple folders during the same session.
Fixed an issue in Compare where the csv file was not stored in the correct folder
Fixed an issue in Compare where the comparing object may return System[]. This can happen if the generated files has multiple documentation items for a property. First result will be used.

3.2.3 - 2021-10-07

New features

Added support for Terms of Use Export/Import. This requires that the pdf file is available during import, in either the export folder or the Intune App folder. This is added as a Known Issue in Readme.

Note: This is in preview and it requires that the Preview option in Settings is enabled and then a script restart. This will most likely generate a new consent prompt. This is based on Issue 27
All objects are returned

This might take long time in huge environments. Please report feedback on how this works in environments with 1000+ objects e.g. does it take too long time, memory issues etc. This is based on Issue 29
Added support for custom columns This must be manually added to the registry.

See Readme on how to use this This is based on Issue 30
Object count will be displayed

Fixes

Fixed minor bugs in IntuneAssignments - Support Name for objects that don't use displayName
Regenerated documentation and language files - New properties for the iOS Device Restriction profile is now supported

3.2.2 - 2021-09-23

New features

Added support for setting Conditional Access policy state during import. The default setting is to import Conditional Access policies with the same sate as they were exported. This is based on feature request Issue 25 Note: Security defaults must be disabled before Conditional Access policies can be imported as Enabled.

Fixes

Fixed bugs when using the ImportExtension command

3.2.1 - 2021-09-04

New features

PowerShell Scripts can now be viewed and edited in the tool
Intune Tools
- Added Intune Assignment - Simple tool to quickly gather all assignments from exported objects
Documentation
- Added documentation support for
  - Scope (Tags) Note: This will generate one section for all Scopes in the word document
  - Health Scripts (Remediation Scripts)

Fixes

General
- Custom Device Configuration profiles will convert encrypted OMA URI values when the full object is loaded instead of only during Copy and Export.
- All file exports are now saved in UTF8
Compare
- Fixed issue where the wrong name was specified if the compare object was missing
- Administrative Templates, Settings Catalog and Endpoint Security will always compare based on documentation.
- Encrypted OMA URI values are now supported
Documentation
- Minor updates to support documenting all objects of a specific object type in one section instead of one section per object
- Fixed "Not Configured" value issues for empty arrays
- Fixed documentation of Microsoft 365 Apps when XML is used
- Minor updates on VPN profile documentation. EAP XML will be in XML format and removed duplicate SplitTunneling values. Note: The EAP XML will require manual update of the column sizes in Word

3.2.0 - 2021-08-15

New features

Intune Tools (New View)
- ADMX Import - Configure settings for 3rd party ADMX files with a UI similar to GPMC and create a Custom Profile based on the configured settings
- Reg Values - Add registry values to HKLM or HKCU. This will create and ADMX based on the configured settings and create a Custom Profile in Intune
  
  See ADMX Import for more information on how this works
  
  Note: There is only Import functionality in this version. It does not support updating an existing Custom Profile ADMX policies.
- Important! Consider this tool to be in preview at this moment. It has only been tested on Cloud only joined devices. It looks like there are different functionality in the Policy CSP between hybrid and cloud only joined devices. It would be great if anyone testing this on hybrid (or cloud only joined) devices could create an issue and report back the findings, even if it works as intended.
There are indications that Microsoft is implementing this into the portal UI. The groupPolicyUploadedDefinitionFile API suggests that the portal will support this in the future. It would be good if this could be integrated with the Settings Catalog.
Documentation:
- Create cover page and table of contents when no template is selected
- Select CSV delimiter when documenting to a CSV file
Compare:
- Select CSV delimiter for bulk compare

Fixes

Authentication
- The script will start even if it failed to add type TokenCacheHelperEx.
  
  This is based on Issue 21
  
  Note: The token will not support caching if this fails. This could be caused by not having write access to the \CS folder or by restrictive ASR policies
Export/Import
- Added support for exporting OMA-URI values that are stored encrypted.
  
  Note: OMA-URI strings and XML Files are stored encrypted. These values will be decrypted and stored in clear text. Be careful if sensitive data is stored e.g. passwords.
- Fix for updating existing Autopilot profiles during import. A new property was added that broke the functionality. This is based on the feature request in Issue 17
Documentation
- New handling of Not Configured properties. Skipping unconfigured properties will now skip all these properties during documentation
- Minor fixes to avoid duplicate documentation of properties
Compare
- Fixed bugs when comparing Intent objects (Endpoint Security) policies in Documentation mode.
Copy
- Copy Custom Profiles with encrypted values

Additional Changes:

Documentation files has be re-generated to support new\updated properties on Property based objects.

3.1.8 - 2021-07-18

New features

Forget cached users - Forget a user by clicking on the bin icon in the user information. This will remove the user from the cached file. It will not remove it from the browser cache.
Update existing profiles during import is moved to preview. Important: See the Import section in the Readme file for more information This is based on the feature request in Issue 17

Fixes

Fixed a bug when exporting Settings Catalog. When exporting settings based on key/value pairs, some parts were not converted to json objects. Import worked but not the update. Depth parameter was increased in the ConvertTo-Json functions.

3.1.7 - 2021-07-12

New features

Support for documenting Notifications
PREVIEW/EXPERIMENTAL - Support for Replace/Update existing profiles/policies during import. See the Import section in the Readme file for more information This is based on the feature request in Issue 17

Fixes

Fixed bug that caused an exception when listing App Protection objects and only one object existed in the environment.

See Issue 15 for more info
Import Priority based objects in the priority order specified in the files (Enrolment Restrictions and Autopilot profiles)
Set default settings for the options in the Import forms (Based on Settings)
Delete Autopilot profiles with assignments
Moved the assignments import to a separate function

3.1.6 - 2021-07-07

Fixes

Fixed invalid file name characters - Issue 19
- Added -LiteralPath to Get and Set-Content
- Save CSV in document
- Import/Export Administrative Template and Role Definitions
- Saving the PowerShell script file
- Export with assignments for multiple profiles
Added support for [ and ] in file names

Note: This can cause duplicate files if exporting to the same location as pre 3.1.6 export and the profile name contains [ or ]
Changed to custom documentation for Custom OMA-URI profiles
Administrative Template now includes definitionValues in detailed view and export
Fixed exporting PowerShell script in Bulk export. Option was only available if PowerShell was active type.
Fixed issue with MigrationTable when exporting from two different environments without restart. The Group information was save to the same MigrationTable.

3.1.5 - 2021-07-06

Fixes

Fixed rushed update for Issue 18
Fixed bug in Compare module

3.1.4 - 2021-07-06

Fixes

Fixed issue importing Administrative Templates

See Issue 18 for more info

3.1.3 - 2021-07-05

New features

Bulk Compare
- Compare with exported files
- Compare with existing objects based on name patterns
Bulk Copy
- Copy existing objects based on name patterns
Support for documenting PolicySets
Release Notes check - Check if there are any updates by comparing the local version of ReleaseNotes.md with the GitHub version

Fixes

Fixed bug that caused an exception when exporting objects with an assignment and the 'Export Assignment' option disabled.

See Issue 16 for more info
Export Assignments in Bulk Export and Object Export did not get default value from Settings
Fixed issue where the required permissions were not passed during authentication

3.1.2 - 2021-06-20

New features

Delete and Bulk Delete - Delete selected items or delete ALL items of selected object types

Note: This must be enabled in the settings. They are not visible by default.

WARNING: Use this carefully! It will delete profiles and policies in Intune.
Support for new object Health Scripts
Object permissions is now handled by ViewObject and authentication provider. This is to support future view extensions.

Fixes

Azure Role Read permission can be disabled in settings
Minor UI changes e.g. List Boxes for bulk Import/Export changed to DataGrid
Minor bulk export fixes

3.1.1 - 2021-06-16

New features

Download script for Custom Attribute
Documentation
- Added support for additional objects (Enrollment restrictions)

Fixes

Failed to get user information during logon. Something was changed in Graph that caused calling ME with full ODATA to fail.
Added RoleManagement.Read.Directory as a default required permission.

NOTE: This will most likely cause a consent prompt
Some additional minor fixes

3.1.0 - 2021-06-08

Breaking Changes

Export folder for PowerShell is changed to PowerShellScripts

New features

Documentation
- Document Intune objects to CSV or Word
- Object will be documented with text from Intune
- Document in any supported language
- See Documentation for more information
  
  Note: This is the first version of the documentation. It does not support ALL object types and might be missing some properties
Compare
- Compare objects with exported files
- Property comparison
- Documentation comparison
Support for additional objects
- Quality Updates, Filters, Mac Scripts and Custom Attributes

Azure AD role displayed in token info
Fixed sending additional headers in the Graph request

Fixes

Support for Privacy Access Controls in Windows 10 Device Restriction profiles
Support for AppLocker files in WIP policy
Select All checkboxes moved from below data grids to the header of the column

3.0.0 Beta 1 - 2021-04-01

Breaking changes

Dropped support for Azure Branding and MAM/MDM settings...for now
Import might not work for items exported with previous versions. Some folders are renamed, import is depending on additional information.

New features

Authentication managed by Microsoft Authentication Library (MSAL)
- Support for switching user
- Support for switching tenant. Multi tenant support must be enabled in Settings
- Token info, Profile picture info support etc.
- See MSAL info for more information
Support for multiple Views - Intune Management and Intune Info for now...
- Intune Management - Export/Import/Copy objects in Intune
- Intune Info - Show information about some objects in Intune
Improved UI experience
- Support for resizing the Window
- Support for searching for objects
- Refresh objects in the list
- Scaled popup dialogs
API management redeveloped from scratch to simplify support for new object types in the future
Support for new object types (Settings Catalog, Named Locations, Scope Tags, Policy Sets etc.)
Better support for migrating objects between environments
- Group migrations e.g. support for Dynamic Groups, different group types etc.
- Support for dependency objects e.g. Policy Sets reference other objects like Compliance Settings etc. The import of an object uses exported json files to identify dependent items and map old Id to the new Id in the target environment
- Support for migrating Scope Tags (Uses the dependency functionallity so Scope Tags must be Exported/Imported)
- Better support for migrating Assignments

Dependencies

MSAL - Microsoft.Identity.Client.dll. This is included in Az / MSAL.PS modules or it can be installed separately. This release was developed and tested with MSAL version 4.21.0.0.

2.0.0 - 2021-02-01

Breaking changes

Removed support for AzureRM

New features

Support for Az module

Fixes

Allow more than 9 Conditional Access policies. Issue #5
Include WIP policies. Issue #7
Import is not working. Issue #6 and #4
Intune module can now be install with scope user. Issue #8

1.0.0

Intune Management with PowerShell
Dependencies: Intune and AzureRM PowerShell modules

Files

ReleaseNotes.md

Latest commit

History

ReleaseNotes.md

File metadata and controls

Release Notes

3.9.7 - 2024-06-27

3.9.6 - 2024-04-22

3.9.5 - 2024-01-20

3.9.4 - 2023-12-18

3.9.3 - 2023-12-11

3.9.2 - 2023-10-17

3.9.1 - 2023-08-30

3.9.0 - 2023-05-04

3.8.1 - 2023-01-26

3.7.4 - 2022-11-17

3.7.3 - 2022-10-24

3.7.2 - 2022-10-08

3.7.1 - 2022-08-08

3.7.0 - 2022-08-02

3.6.0 - 2022-06-29

3.5.0 - 2022-04-26

3.4.0 - 2022-03-01

3.3.3 - 2021-12-15

3.3.2 - 2021-12-14

3.3.1 (Beta) - 2021-10-28

3.3.0 (Beta) - 2021-10-17

3.2.3 - 2021-10-07

3.2.2 - 2021-09-23

3.2.1 - 2021-09-04

3.2.0 - 2021-08-15

3.1.8 - 2021-07-18

3.1.7 - 2021-07-12

3.1.6 - 2021-07-07

3.1.5 - 2021-07-06

3.1.4 - 2021-07-06

3.1.3 - 2021-07-05

3.1.2 - 2021-06-20

3.1.1 - 2021-06-16

3.1.0 - 2021-06-08

3.0.0 Beta 1 - 2021-04-01

2.0.0 - 2021-02-01

1.0.0