forked from iBowler1995/Functions-Intune-Graph
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathGet-IntuneApp.ps1
104 lines (84 loc) · 3.93 KB
/
Get-IntuneApp.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
function Get-IntuneApp {
<#
IMPORTANT:
===========================================================================
This script is provided 'as is' without any warranty. Any issues stemming
from use is on the user.
===========================================================================
.DESCRIPTION
Retrieves Intune managed app.
Things to change to deploy in your environment:
Line 36: replace x with clientID of your reigstered app. See https://docs.microsoft.com/en-us/graph/auth-v2-user for more info.
===========================================================================
.PARAMETER App
Required if not using All switch - Name of the app to retrieve.
.PARAMETER All
Retrieves all Intune managed apps.
.PARAMETER Status
Returns device install status for the specified app.
===========================================================================
.EXAMPLE
Assign-IntuneApp -App 7-Zip -Group Intune-7-Zip -Intent Required <--- Assigns AAD group Intune-7-Zip to 7-Zip app and sets it to require install
Assign-IntuneApp -App 7-Zip -Group Intune-7-Zip -RemoveAssignment <--- Removes Intune-7-Zip group assignment from 7-Zip app if it exists.
#>
[CmdletBinding()]
param (
[Parameter()]
[String]$App,
[Parameter()]
[Switch]$All,
[Parameter()]
[Switch]$Status
)
$token = Get-MsalToken -clientid x -tenantid organizations
$global:header = @{'Authorization' = $token.createauthorizationHeader();'ConsistencyLevel' = 'eventual'}
If (!$App -and $All){
$Uri = "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps"
Try {
$AllApps = Invoke-RestMethod -Uri $Uri -Headers $Header -Method GET
$Apps = $AllApps.value | where {$_.appAvailability -notlike "*global*"}
Return $Apps
}
catch{
$ResponseResult = $_.Exception.Response.GetResponseStream()
$ResponseReader = New-Object System.IO.StreamReader($ResponseResult)
$ResponseBody = $ResponseReader.ReadToEnd()
$ResponseBody
}
}
elseif ($App -and !$All -and !$Status){
$Uri = "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps?`$Filter=displayName%20eq%20'$App'"
Try {
(Invoke-RestMethod -Uri $Uri -Headers $Header -Method GET).value
}
catch{
$ResponseResult = $_.Exception.Response.GetResponseStream()
$ResponseReader = New-Object System.IO.StreamReader($ResponseResult)
$ResponseBody = $ResponseReader.ReadToEnd()
$ResponseBody
}
}
elseif ($App -and !$All -and $Status){
$Uri = "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps?`$Filter=displayName%20eq%20'$App'"
Try {
$IntuneApp = (Invoke-RestMethod -Uri $Uri -Headers $Header -Method GET).value
$IntuneAppId = $IntuneApp | select -expand id
}
catch{
$ResponseResult = $_.Exception.Response.GetResponseStream()
$ResponseReader = New-Object System.IO.StreamReader($ResponseResult)
$ResponseBody = $ResponseReader.ReadToEnd()
$ResponseBody
}
Try {
$Uri = "https://graph.microsoft.com/beta/deviceAppManagement/mobileApps/$IntuneAppId/deviceStatuses"
(Invoke-RestMethod -Uri $Uri -Headers $Header).value | select id,deviceName,deviceId,lastSyncDateTime,InstallState,installStateDetail,errorCode,userPrincipalName
}
catch{
$ResponseResult = $_.Exception.Response.GetResponseStream()
$ResponseReader = New-Object System.IO.StreamReader($ResponseResult)
$ResponseBody = $ResponseReader.ReadToEnd()
$ResponseBody
}
}
}