michaelsendpoint.com

Appearance

Micrososft Intune

Create a Intune Configuration Catalog Policy with json source

Why the external source?

Modularity makes the code more flexible and gives 3rd Partys the possibility to make changes without understanding programing language. In Addition, it is easier for you to apropriate the Code for another program.

TIP

To get the configuration you want in a file, you can just create the Configuration Policy in Intune and export it afterswards to .json. But keep in mind, that the .json format delivert by intune will not be ready to be read by powershell. You need to go through it and check that it has the right patterns shown below (':' instead of '=', ',' at the end of lines and " or ' around text.)

Code

powershell
# Connect to Microsoft Graph
Connect-MgGraph -Scopes 'DeviceManagementConfiguration.ReadWrite.All'

# Define the Graph URI
 $uri = 'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies'
  
# Define the path to the directory containing your JSON files
$ScriptPath = ($MyInvocation.MyCommand).Path
$ScriptDirectory = Split-Path $ScriptPath -Parent
$jsonFilesDirectory = "$($ScriptDirectory)\[your subfolder]]"
 
# Get all JSON files in the directory
$jsonFiles = Get-ChildItem -Path $jsonFilesDirectory -Filter *.json
 
# Loop through each JSON file
foreach ($jsonFile in $jsonFiles) {
		# Read the content of the JSON file and convert it to a PowerShell object
		$Json = Get-Content -Path $jsonFile.FullName
		Invoke-MgGraphRequest -Method Post -Uri $uri -ContentType 'Application/Json' -Body $json
}

Json Example

json
{
    "description":  "This Policy mangages the update timings of the Microsoft Defender AntiVirus components. ",
    "name":  "Windows_Defender",
    "platforms":  "windows10",
    "technologies":  "mdm",
    "settings":  [
                     {
                         "@odata.type":  "#microsoft.graph.deviceManagementConfigurationSetting",
                         "settingInstance":  {
                                                 "@odata.type":  "#microsoft.graph.deviceManagementConfigurationChoiceSettingInstance",
                                                 "settingDefinitionId":  "device_vendor_msft_defender_configuration_engineupdateschannel",
                                                 "settingInstanceTemplateReference":  null,
                                                 "choiceSettingValue":  {
                                                                            "@odata.type":  "#microsoft.graph.deviceManagementConfigurationChoiceSettingValue",
                                                                            "settingValueTemplateReference":  null,
                                                                            "value":  "device_vendor_msft_defender_configuration_engineupdateschannel_0",
                                                                            "children@odata.type":  "#Collection(microsoft.graph.deviceManagementConfigurationSettingInstance)",
                                                                            "children":  [
                                                                                         ]
                                                                        }
                                             }
                     }
                 ]
}

Copyright © 2024 Michael Frank