Skip to content

Commit 723f54c

Browse files
JohnDupreyJohnDuprey
authored
Merge pull request KelvinTegelaar#1340 from Ren-Roros-Digital/intune
fix: fixes InTune Template deployment for Intune and Windows Update
2 parents 348b5bd + 0a2d233 commit 723f54c

File tree

5 files changed

+79
-4
lines changed

5 files changed

+79
-4
lines changed

Modules/CIPPCore/Public/Entrypoints/HTTP Functions/Endpoint/MEM/Invoke-ListIntunePolicy.ps1

Lines changed: 15 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -43,6 +43,16 @@ Function Invoke-ListIntunePolicy {
4343
method = 'GET'
4444
url = "/deviceManagement/windowsFeatureUpdateProfiles?`$expand=assignments&top=200"
4545
}
46+
@{
47+
id = 'windowsQualityUpdatePolicies'
48+
method = 'GET'
49+
url = "/deviceManagement/windowsQualityUpdatePolicies?`$expand=assignments&top=200"
50+
}
51+
@{
52+
id = 'windowsQualityUpdateProfiles'
53+
method = 'GET'
54+
url = "/deviceManagement/windowsQualityUpdateProfiles?`$expand=assignments&top=200"
55+
}
4656
@{
4757
id = 'GroupPolicyConfigurations'
4858
method = 'GET'
@@ -78,6 +88,11 @@ Function Invoke-ListIntunePolicy {
7888
'*microsoft.graph.macOSEndpointProtectionConfiguration*' { 'MacOS Endpoint Protection' }
7989
'*microsoft.graph.androidWorkProfileGeneralDeviceConfiguration*' { 'Android Configuration' }
8090
'*windowsFeatureUpdateProfiles*' { 'Feature Update' }
91+
'*windowsQualityUpdatePolicies*' { 'Quality Update' }
92+
'*windowsQualityUpdateProfiles*' { 'Quality Update' }
93+
'*iosUpdateConfiguration*' { 'iOS Update Configuration' }
94+
'*windowsDriverUpdateProfiles*' { 'Driver Update' }
95+
'*configurationPolicies*' { 'Device Configuration' }
8196
default { $_.'[email protected]' }
8297
}
8398
$Assignments = $_.assignments.target | Select-Object -Property '@odata.type', groupId

Modules/CIPPCore/Public/New-CIPPBackupTask.ps1

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -41,6 +41,8 @@ function New-CIPPBackupTask {
4141
"https://graph.microsoft.com/beta/deviceAppManagement/mobileAppConfigurations?`$expand=assignments&`$filter=microsoft.graph.androidManagedStoreAppConfiguration/appSupportsOemConfig%20eq%20true"
4242
'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies'
4343
'https://graph.microsoft.com/beta/deviceManagement/windowsFeatureUpdateProfiles'
44+
'https://graph.microsoft.com/beta/deviceManagement/windowsQualityUpdatePolicies'
45+
'https://graph.microsoft.com/beta/deviceManagement/windowsQualityUpdateProfiles'
4446
)
4547

4648
$Policies = foreach ($url in $GraphURLS) {

Modules/CIPPCore/Public/New-CIPPIntuneTemplate.ps1

Lines changed: 12 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -103,6 +103,18 @@ function New-CIPPIntuneTemplate {
103103
$DisplayName = $Template.displayName
104104
$TemplateJson = ConvertTo-Json -InputObject $Template -Depth 100 -Compress
105105
}
106+
'windowsQualityUpdatePolicies' {
107+
$Type = 'windowsQualityUpdatePolicies'
108+
$Template = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$($urlname)/$($ID)" -tenantid $tenantfilter | Select-Object * -ExcludeProperty id, lastModifiedDateTime, '@odata.context', 'ScopeTagIds', 'supportsScopeTags', 'createdDateTime'
109+
$DisplayName = $Template.displayName
110+
$TemplateJson = ConvertTo-Json -InputObject $Template -Depth 100 -Compress
111+
}
112+
'windowsQualityUpdateProfiles' {
113+
$Type = 'windowsQualityUpdateProfiles'
114+
$Template = New-GraphGetRequest -uri "https://graph.microsoft.com/beta/deviceManagement/$($urlname)/$($ID)" -tenantid $tenantfilter | Select-Object * -ExcludeProperty id, lastModifiedDateTime, '@odata.context', 'ScopeTagIds', 'supportsScopeTags', 'createdDateTime'
115+
$DisplayName = $Template.displayName
116+
$TemplateJson = ConvertTo-Json -InputObject $Template -Depth 100 -Compress
117+
}
106118
}
107119
return [PSCustomObject]@{
108120
TemplateJson = $TemplateJson

Modules/CIPPCore/Public/New-CIPPTemplateRun.ps1

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -91,6 +91,8 @@ function New-CIPPTemplateRun {
9191
"https://graph.microsoft.com/beta/deviceAppManagement/mobileAppConfigurations?`$expand=assignments&`$filter=microsoft.graph.androidManagedStoreAppConfiguration/appSupportsOemConfig%20eq%20true"
9292
'https://graph.microsoft.com/beta/deviceManagement/configurationPolicies'
9393
'https://graph.microsoft.com/beta/deviceManagement/windowsFeatureUpdateProfiles'
94+
'https://graph.microsoft.com/beta/deviceManagement/windowsQualityUpdatePolicies'
95+
'https://graph.microsoft.com/beta/deviceManagement/windowsQualityUpdateProfiles'
9496
)
9597

9698
$Policies = foreach ($url in $GraphURLS) {

Modules/CIPPCore/Public/Set-CIPPIntunePolicy.ps1

Lines changed: 48 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -122,6 +122,8 @@ function Set-CIPPIntunePolicy {
122122
$DisplayName = ($RawJSON | ConvertFrom-Json).Name
123123
$CheckExististing = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter
124124
if ($DisplayName -in $CheckExististing.name) {
125+
$PolicyFile = $RawJSON | ConvertFrom-Json | Select-Object * -ExcludeProperty Platform, PolicyType, CreationSource
126+
$RawJSON = ConvertTo-Json -InputObject $PolicyFile -Depth 100 -Compress
125127
$ExistingID = $CheckExististing | Where-Object -Property Name -EQ $DisplayName
126128
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PUT -body $RawJSON
127129
$CreateRequest = $CheckExististing | Where-Object -Property Name -EQ $DisplayName
@@ -140,11 +142,12 @@ function Set-CIPPIntunePolicy {
140142
$CheckExististing = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter
141143
if ($DisplayName -in $CheckExististing.displayName) {
142144
$PostType = 'edited'
145+
$PolicyFile = $RawJSON | ConvertFrom-Json | Select-Object * -ExcludeProperty inventorySyncStatus, newUpdates, deviceReporting, approvalType
146+
$RawJSON = ConvertTo-Json -InputObject $PolicyFile -Depth 100 -Compress
143147
$ExistingID = $CheckExististing | Where-Object -Property displayName -EQ $displayname
144148
Write-Host 'We are editing'
145-
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PUT -body $RawJSON
149+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PATCH -body $RawJSON
146150
$CreateRequest = $CheckExististing | Where-Object -Property displayName -EQ $DisplayName
147-
148151
} else {
149152
$PostType = 'added'
150153
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter -type POST -body $RawJSON
@@ -159,9 +162,11 @@ function Set-CIPPIntunePolicy {
159162
$CheckExististing = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter
160163
if ($DisplayName -in $CheckExististing.displayName) {
161164
$PostType = 'edited'
165+
$PolicyFile = $RawJSON | ConvertFrom-Json | Select-Object * -ExcludeProperty deployableContentDisplayName, endOfSupportDate, installLatestWindows10OnWindows11IneligibleDevice
166+
$RawJSON = ConvertTo-Json -InputObject $PolicyFile -Depth 100 -Compress
162167
$ExistingID = $CheckExististing | Where-Object -Property displayName -EQ $displayname
163168
Write-Host 'We are editing'
164-
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PUT -body $RawJSON
169+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PATCH -body $RawJSON
165170
$CreateRequest = $CheckExististing | Where-Object -Property displayName -EQ $DisplayName
166171

167172
} else {
@@ -170,7 +175,46 @@ function Set-CIPPIntunePolicy {
170175
Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantFilter) -message "Added policy $($DisplayName) via template" -Sev 'info'
171176
}
172177
}
173-
178+
'windowsQualityUpdatePolicies' {
179+
$PlatformType = 'deviceManagement'
180+
$TemplateTypeURL = 'windowsQualityUpdatePolicies'
181+
$File = ($RawJSON | ConvertFrom-Json)
182+
$DisplayName = $File.displayName ?? $File.Name
183+
$CheckExististing = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter
184+
if ($DisplayName -in $CheckExististing.displayName) {
185+
$PostType = 'edited'
186+
$PolicyFile = $RawJSON | ConvertFrom-Json | Select-Object *
187+
$RawJSON = ConvertTo-Json -InputObject $PolicyFile -Depth 100 -Compress
188+
$ExistingID = $CheckExististing | Where-Object -Property displayName -EQ $displayname
189+
Write-Host 'We are editing'
190+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PATCH -body $RawJSON
191+
$CreateRequest = $CheckExististing | Where-Object -Property displayName -EQ $DisplayName
192+
} else {
193+
$PostType = 'added'
194+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter -type POST -body $RawJSON
195+
Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantFilter) -message "Added policy $($DisplayName) via template" -Sev 'info'
196+
}
197+
}
198+
'windowsQualityUpdateProfiles' {
199+
$PlatformType = 'deviceManagement'
200+
$TemplateTypeURL = 'windowsQualityUpdateProfiles'
201+
$File = ($RawJSON | ConvertFrom-Json)
202+
$DisplayName = $File.displayName ?? $File.Name
203+
$CheckExististing = New-GraphGETRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter
204+
if ($DisplayName -in $CheckExististing.displayName) {
205+
$PostType = 'edited'
206+
$PolicyFile = $RawJSON | ConvertFrom-Json | Select-Object * -ExcludeProperty releaseDateDisplayName, deployableContentDisplayName
207+
$RawJSON = ConvertTo-Json -InputObject $PolicyFile -Depth 100 -Compress
208+
$ExistingID = $CheckExististing | Where-Object -Property displayName -EQ $displayname
209+
Write-Host 'We are editing'
210+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL/$($ExistingID.Id)" -tenantid $tenantFilter -type PATCH -body $RawJSON
211+
$CreateRequest = $CheckExististing | Where-Object -Property displayName -EQ $DisplayName
212+
} else {
213+
$PostType = 'added'
214+
$CreateRequest = New-GraphPOSTRequest -uri "https://graph.microsoft.com/beta/$PlatformType/$TemplateTypeURL" -tenantid $tenantFilter -type POST -body $RawJSON
215+
Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantFilter) -message "Added policy $($DisplayName) via template" -Sev 'info'
216+
}
217+
}
174218
}
175219
Write-LogMessage -headers $Headers -API $APINAME -tenant $($tenantFilter) -message "$($PostType) policy $($Displayname)" -Sev 'Info'
176220
if ($AssignTo) {

0 commit comments

Comments
 (0)