IntuneManagement Versions Save

Copy, export, import, delete, document and compare policies and profiles in Intune and Azure with PowerShell script and WPF UI. Import ADMX files and registry settings with ADMX ingestion. View and edit PowerShell script.

3.9.6

3 weeks ago

BREAKING CHANGE

Microsoft are decommissioning the Intune PowerShell App with id d1ddf0e4-d672-4dae-b554-9d5bdfd93547, mentioned here This was the default app in IntuneManagement. The default app is now changed to Microsoft Graph PowerShell app with id 14d82eec-204b-4c2f-b7e8-296a70dab67e The script will automatically use that app for new installations A warning to change will be displayed if d1ddf0e4-d672-4dae-b554-9d5bdfd93547 is used You can also register a new app, documented here and then configure that app in Settings

Note: This might require consent for the required permissions

There is no change if you are currently using a custom app or already changed to Microsoft Graph PowerShell in Settings

Also note that changing application will reset cached accounts

New features

  • Compare
    • Added support for ignoring Basic properties and Assignments Based on Issue 203 and Issue 128 NOTE: Properties will be logged but with empty value for Match

Fixes

  • Compare

    • Fixed issue when comparing Settings Catalog settings with child settings eg Hardened UNC Paths in Security Baseline

  • Import/Export

    • Added support for import of MSIX app content Based on Discussion 191
    • Disable autoload of modules to prevent loading MSGraph module if found Based on Issue 208

  • Documentation

    • Language files re-generated.
    • AppTypes file re-generated. Some apps were not documented with proper name.

3.9.5

3 months ago

  • Import/Export

    • Assignments were not exported for some policies with trailing . in the name Based on Issue 184 NOTE: Policy will not export if full path is over 260 characters
    • Fixed issue with policies not being exported when Batch was enabled in Settings and there was only one policy for the specified object type
    • Failed to get App Protection policies when Proxy was configured
    • Fixed issue with importing policies with dependency in tenants with 100+ policies for a single policy type Dependency only imported first page. All pages will be imported now to resolve dependencies Based on Issue 183

  • Fixed issue with multiple export folders when using %DateTime% in path Based on Issue 189

  • Get Assignment Filter usage

    • Filters not returned if only assigned to one policy Based on Issue 141 NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

  • Compare

    • Comparing Settings Catalog objects with exported objects failed Issue cause by offline documentation was not working Based on Issue 183

  • Documentation

    • Offline documentation of Settings Catalog was not working. Values were always documented from online object
    • Conditional Access documentation updates for Android and iOS
    • App Protection documentation updates for Android and iOS
    • Language files re-generated. Azure shou now be Entra for some documentations.

3.9.4

4 months ago

Fixes

  • Get Assignment Filter usage

    • All policies that supports filter should now be collected Please create an issue if not all expected filters are listed Based on Issue 141 NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

  • Documentation

    • Added support for documenting Conditional Access policies based on Workloads Not 100% tested. Please report if not documented correctly

3.9.3

5 months ago

New features

  • New tool - Get Assignment Filter usage

    • List all policies and assignments with a Filter defined Based on Issue 141 NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

  • Batch Export of App Content Encryption Key from Intunewin files This script can export encryption keys from existing intunewin files Example: Export-EncrytionKeys -RootFolder C:\Intune\Packages -ExportFolder C:\Intune\Download This will export the encryption key information for each .intunewinfiles under C:\Intune\Packages One json file will be created (for each .intunwinfile) in the C:\Intune\Download folder File name will be <IntunewinFileBaseName>_<UnencryptedFileSize>.json Do NOT rename this file since the script will search for that file when downloading or exporting App content The script will not require authentication and it will have no knowledge of apps in Intune Filename and unencrypted file size is used as the identifier to match app content in Intune with encryption file Important notes: Exported and decrypted .intunewin files are not supported to use for import at the moment. These files are just the "zip" version of the source and can be unzipped with any zip extraction tool The .intunewin file used for import has the "zip" version of the file and an xml with the encryption information + additional file information eg. msi properties, file size etc. Use the exported unencrypted "zip" version to restore the original files. Re-run the packaging tool if it should be re-used as applications content

    Please report any issues or create a discussion if there are any questions Script is located: <RootFolder>\Scripts\Export-EncrytionKeys.ps1

Fixes

  • Export

    • Fixed issue where Assignments were included in export even if 'Export Assignments' was unchecked Based on Issue 171

  • Documentation

    • Fixed issue where filter was not documented on some policies
    • Fixed issue with Word Output provider if a policy only had one settings

  • Custom ADMX Files

    • Fixed bug with migrating custom policies between environments. Cache was not cleared when swapping tenants or imported additional ADMX files
    • Fixed documentention issue with Administrative template policies in GCC environment. Name and Category was missing Based on Issue 174
    • Custom ADMX based policies was missing properties when swapping tenant Based on Issue 124

  • Generic

    • Fixed logging issues when processing objects with a group that was deleted. ID was not reported
    • Generic Batch request function created to support other batch requests eg Groups

3.9.2

7 months ago

New features

  • Application Content Export - Experimental

    • Added support for Exporting Appliction with decrypted content App file can be downloaded during export or from the detail view of the Application Enable "Save Encryption File" and specify "App download folder" in Settings "App download folder" is used for encryption file and manual download File content will be downloaded to the export foler during export Files will be downloaded with .encrypted extension and then decrypted to original file name Please report any issue or any suggestions NOTE: This will ONLY work if the encryption file is exported and available

  • Authentication

    • Login with application This will login with specified Azure App ID and Secret/Certificate that is used for Batch processes NOTE: This will require a restart of the app Start with app must use -TenantID on command line. AppID and Secret/Certificate can be specified in Settings or command line Example: Start-IntuneManagement.ps1 -tenantId "<TenantID>" -appid "<AppID>" -secret "<Secret>" See Start-WithApp.cmd for samle file Based on Issue 122 and Issue 134

  • Support for new Settings

    • Save encryption file - Saves a json file with encryption data when an application file is uploaded eg created or uploaded in details view
    • App download folder - Folder where application files should be downloaded and decrypted
    • Login with App in UI (Preview) - Use app batch login in UI
    • Use Graph 1.0 (Not Recommended) - Use Graph v1.0 instead of Beta. Note: Some features will NOT work in v1.0 Based on Issue 170

Fixes

  • Documentation

    • Language files re-generated eg Supersedence (preview) -> Supersedence
    • Added support for documenting "Filter for devices" info for Conditional Access policies Based on Issue 168

  • Custom ADMX Files

    • Fixed issues with migrating custom policies between environments (3rd time) Based on Issue 124
    • Fixed issue when importing ADMX files - Encoding issue eg ADMX/ADML file was UTF8 Based on Issue 169

  • Importing Windows LoB Apps

    • Fixed issue when importing LoB Apps that was only targeted to System context Available Assignment option was missing after import Based on Discussion 164
    • Added support for Depnedency and Supersedence reations at import Application will need to be re-exported since additinal data is added to the export file Based on Discussion 159

  • Generic

    • Fixed issue when compiling Procxy CS file
    • Tls 1.2 is now enforced. Based on Discussion 166

3.9.1

8 months ago

New features

  • Added support for Windows Update Driver Policies

  • Support for new Settings

    • Proxy configuration - If configured, Proxy will be used for authentication, APIs and upload
    • Disable Write-Error output - Skip PowerShell errors in output

Default Settings Value Changes

  • Conditional Access policies will now be imported as Disabled by default
  • New import option added: As Exported - Change On to Report-only
  • This is to avoid being locked out from the tenant when importing Conditional Access policies
  • Based on Discussion 139

Fixes

  • Documentation

    • Fixed issues with some Feature Updates properties
    • Added missing strings on Windows Update polices
    • Regenerated Language files and Translation tables for Template policies Note: Conditional Access string has changed file in background. Please report if there is anything missing

  • Custom ADMX Files

    • Fixed issues with migrating custom policies between environments
    • Case reopened due to something broke the initial functionality
    • Only custom ADMX policies with #Definition properties can be imported into a new environment
    • Based on Issue 124

  • Scope Tags

    • Fixed issues with importing policies with Scope Tags but they were not set
    • Based on Issue 133

Generic

  • Remove invalid characters from path.
  • Based on Issue 150

3.9.0.1

1 year ago

3.9.0 - 2023-05-04

New features

  • Added support for Authentication Context objects

    • These are used by Conditional Access policies Based on Issue 109

  • Added support for Windows 365 Cloud PC settings

  • Added support for Export/Import Tennant Settings

    • This is added the Intune Info view for now (Views -> Intune Info) This means that there is no support for Bulk Import/Export. It must be done manually This is to minimize the risk of re-importing Tenant settings Based on Discussion 131

Fixes

  • Documentation
    • Added full documentation of Requirement and Detection rules for Win Apps Based on Issue 119
    • Fixed issue were documentation could crash if Reusable Settings policies exists Based on Issue 123
    • Regenerated Language files and Translation tables for Template policies
  • Intunwin File Upload
    • Fixed issue when uploading very large files Based on Issue 112
    • Fixed issue when IE not installed
  • Compare
    • Fixed issue where Compare could generate an exception in the log Based on Issue 128 Note: Issue 128 is only partially fixed. Compare needs a major update to fix the rest
  • Import
    • Fixed an issue when creating Cloud groups based on on-prem groups without MigTable
    • Fixed an issue when importing groups with a space in the beginning Note: Inital spaces will be removed when importing groups
    • Fixed issue when importing Endpoint Status Page polices with applications defined
    • Fixed issue when importing Proactive Remediations (Health Scripts) with assignments
    • Fixed issue when importing a Conditional Policy with Session propery disableResilienceDefaults set to $false
    • Fixed issue when importing WiFi profiles. Support for multiple references was added eg multiple server verification certificates Based on Issue 114
    • Terms of Use was not visible in the menu Note: This might generate a Consent prompt if Use Default Permissions is not enabled Additional permission required on the Azure App: Agreement.ReadWrite.All

3.8.1

1 year ago

New features

  • Added support for Reusable Settings objects

    • These are used by some of the Endpoint Security polices like Firewall rules Based on private request Note: No documentation support yet

  • Added support for custom Authentication Strengths objects

    • These can be used in Conditional Access policies Based on Issue 109 Note: Not all issues in 109 are fixed yet and no documentation support yet

  • Export/Import

    • PowerShell files for Health Scripts exported to the Export folder
    • PowerShell files for Application Detection scripts are exported to the Export folder Both scripts exports are based on Issue 103

  • Documentation

    • Documentation engine completely rewritten for Settings Catalog and had major updates for other object types Please create an issue if there are any problems
    • Added support for HTML output
    • MD output is now official with included support for CSS and single file Output. Based on Issue 35
    • Added support for indent on sub-properties so it will be visible that a property is set based on a parent Based on Discussion 90
    • Added option to skip assignments in the documentation Based on Issue 102
    • Moved some Output options to generic output settings; Document scripts and Remove script signature

  • Generic

    • Added new property on applications, InstallerType. This can be added as a new column to the View for Applications. It specifies the New Microsoft Store App type; UWP or Win32 Based on Issue 101
    • Added response information f an API call failed. The log should now have a better description on why an API failed.

Fixes

  • Documentation

    • Lots of documentation issues fixed by the new Documentation engine
    • Sections and policies should now be in correct alphabetic order Based on Discussion 90
    • Fixed issues with assignments for Setting Catalog issues Based on Issue 102
    • Translation files re-generated
    • Fixed error message: "Invoke-WordTranslateColumnHeader is not recognized as the name of a cmdlet" Based on Issue 99

  • Authentication

    • Fixed an issue when authentication to China Cloud Based on Issue 106

3.7.3.1

1 year ago

Fixes

  • Import
    • Fixed a bug where it failed to import Endpoint Security policies
    • Fixed an issue where it failed to import Assignment Filters. A new property was added that is not supported during the import

3.7.2

1 year ago

New features

  • Added support for ADMX Files (Preview)
    • First version of supporting the ADMX file import
    • Support for export/import policies based on ADMX files The import/export between environments is very tricky so please report any issues Note: The ADMX/ADML files must be copied to the app package folder or the policy exported folder The ADMX files imported is based on last modify date. This will make sure files are imported in the correct order eg Mozilla and Firefox ADMX files Based on Issue 84
  • Added support for value output type when documenting Administrative Templates
    • Select Output value in the Documentation form. Value with label will add the label when documenting sub-properties
  • Translate TenantID when migrating policies between environment
    • Any policy with a Tenant ID value will be translated when importing to a new environment Based on Discussion 83

Fixes

  • Authentication

    • Fixed an issue when auhencating with certificates during batch jobs Fixed by @cstaubli. Thank you! Based on Issue 85

  • Export\Import Fixes

    • Fixed an issue when importing Microsoft Apps files and the default document format was not set Based on Issue 92

  • Documentation

    • Fixed the order of sub-properties when documenting Administrative Templates
    • Fixed an issue where some xml values were not documented eg taskbar xml
    • Translation files re-generated