Prerequisites
- Upgrade to PowerShell 5.1 or later
- Run PowerShell as an Administrator
- Install .NET Framework 4.7.2 or later
- Update PowerShellGet to the latest version using Install-Module PowerShellGet -Force
- RemoteSign Required >> Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
- If you have PIM installed and live, ensure you have "Global Reader" activated for queries, if you need to make changes you will require "Intune Administrator"
Connect to Intune
If you are annoyed by having to use a website to manage a MDM then this is how you manage the Intune portal via PowerShell, first you will need to install the MS Graph module into PowerShell, I chose to add this for all users on the server.......
Install-Module Microsoft.Graph.Intune -Scope AllUsers -Force
This will then download the modules and get them installed as you can see here.....
If you got the sea of red when you ran this, then you did not run this as an administrator, go back and try again.....
Once installed you need to connect to MS Graph with this:
Connect-MSGraph
This will then confirm you tenant ID and UPN as you can see below:
Right now you have a connection, to see what you can do, you can use this command
Get-Command -Module Microsoft.Graph.Intune
This will list all the commands you can use, which is nice to know,
Use it with a purpose
I was interested in knowing when the certificate connectors were last active, so I found a github resource here
This seemed to give you a couple of commands including these, and its the top one I am intrested in as this checks the connector required......
CertificateConnector_Get.ps1
Validate-NDESConfiguration.ps1
Validate-NDESUrl.ps1
This was therefore downloaded as a raw powershell, and after a careful eye on what it does and checking the code is "issues" and testing in my lab, this fixed a question I wanted to know, so it was downloaded as the powershell file, I then navigated to that directory and ran the code, knowing what it would do from the lab.....
.\intune_connector.ps1
This then asked me to confirm my UPN like this: