Copy-DeviceConfigurationProfile.ps1
<#
Version: 1.0
Author: Jannik Reinhard (jannikreinhard.com)
Script: Copy-DeviceConfigurationPolicy
Description:
Copies a configuration profile in Intune. This script does not work with ADMX templates.
Release notes:
Version 1.0: Init
#>
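function Get-AuthToken {
    <#
    .SYNOPSIS
    Interactively acquires a Microsoft Graph access token and returns it as a request-header hashtable.

    .DESCRIPTION
    Loads the ADAL assemblies that ship inside the AzureAD (or AzureADPreview) module, takes the
    tenant from the domain part of the supplied UPN and requests a token for
    https://graph.microsoft.com.

    .PARAMETER User
    User principal name (user@domain) of the account that signs in.

    .OUTPUTS
    Hashtable with the keys 'Content-Type', 'Authorization' ("Bearer <token>") and 'ExpiresOn'.
    The 'Authorization' value is a live credential: do not log it or write it to disk.
    #>
    [cmdletbinding()]
    param
    (
        [Parameter(Mandatory=$true)]
        $User
    )

    # MailAddress is used only to split the UPN; Host is the part after '@'.
    $userUpn = New-Object "System.Net.Mail.MailAddress" -ArgumentList $User
    $tenant = $userUpn.Host

    $AadModule = Get-Module -Name "AzureAD" -ListAvailable
    if ($null -eq $AadModule) {
        Write-Host "AzureAD PowerShell module not found, looking for AzureADPreview"
        $AadModule = Get-Module -Name "AzureADPreview" -ListAvailable
    }
    if ($null -eq $AadModule) {
        # Without this guard the Join-Path calls below fail with an unrelated null-path error.
        throw "Neither the AzureAD nor the AzureADPreview module is installed; cannot load the ADAL assemblies."
    }

    # -ListAvailable returns one entry per installed version. Use the newest one so that
    # ModuleBase is a single path instead of an array.
    $AadModule = @($AadModule) | Sort-Object -Property Version -Descending | Select-Object -First 1

    # NOTE(review): ADAL and the AzureAD module are deprecated by Microsoft; plan a move to an
    # MSAL-based sign-in (for example the Microsoft.Graph module) for continued support.
    $adal = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
    $adalforms = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
    [System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
    [System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null

    # Public-client application ID hard-coded by the script (commonly documented as the
    # "Microsoft Intune PowerShell" app). NOTE(review): confirm it is consented in your tenant and
    # that its delegated permissions are no broader than this script needs.
    $clientId = "d1ddf0e4-d672-4dae-b554-9d5bdfd93547"
    $redirectUri = "urn:ietf:wg:oauth:2.0:oob"
    $resourceAppIdURI = "https://graph.microsoft.com"
    $authority = "https://login.microsoftonline.com/$tenant"

    $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
    $platformParameters = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList "Auto"
    $userId = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.UserIdentifier" -ArgumentList ($User, "OptionalDisplayableId")
    $authResult = $authContext.AcquireTokenAsync($resourceAppIdURI,$clientId,$redirectUri,$platformParameters,$userId).Result

    # Fail here rather than hand back a header that reads "Bearer " with no token, which would
    # only surface later as an opaque 401 from Graph.
    if ($null -eq $authResult -or [string]::IsNullOrEmpty($authResult.AccessToken)) {
        throw "Authentication did not return an access token."
    }

    $authHeader = @{
        'Content-Type'='application/json'
        'Authorization'="Bearer " + $authResult.AccessToken
        'ExpiresOn'=$authResult.ExpiresOn
    }
    return $authHeader
}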
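function Get-ListOfProfiles {
    <#
    .SYNOPSIS
    Lists the device configuration profiles returned by Microsoft Graph.

    .DESCRIPTION
    Calls GET /v1.0/deviceManagement/deviceConfigurations with the headers held in $authToken
    (read from the calling scope) and follows '@odata.nextLink' so that tenants with more than
    one page of results are listed completely.

    .OUTPUTS
    One PSCustomObject per profile with the properties number (1-based running index), id, name,
    description and profile (the raw Graph object).
    #>
    $graphRoot = 'https://graph.microsoft.com/'
    $uri = 'https://graph.microsoft.com/v1.0/deviceManagement/deviceConfigurations'
    $collected = New-Object 'System.Collections.Generic.List[object]'
    $nr = 1

    while ($uri) {
        # The bearer token is sent with every request, so a continuation link is followed only
        # when it points back at the Graph endpoint.
        if (-not ([string]$uri).StartsWith($graphRoot, [System.StringComparison]::OrdinalIgnoreCase)) {
            throw "Refusing to send the access token to a paging link outside $graphRoot"
        }

        $response = Invoke-RestMethod -Uri $uri -Headers $authToken -Method GET

        # $configProfile rather than $profile: the latter shadows PowerShell's automatic $PROFILE.
        foreach ($configProfile in $response.value) {
            $collected.Add([PSCustomObject]@{
                number      = $nr
                id          = $configProfile.id
                name        = $configProfile.displayName
                description = $configProfile.description
                profile     = $configProfile
            })
            $nr++
        }

        # Absent on the last page, which ends the loop.
        $uri = $response.'@odata.nextLink'
    }

    return $collected.ToArray()
}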
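function Import-ConfigurationProfile {
    <#
    .SYNOPSIS
    Creates a new device configuration profile in Intune from an existing profile object.

    .DESCRIPTION
    Removes the server-managed properties (id, createdDateTime, lastModifiedDateTime, version,
    supportsScopeTags) from the supplied object, serialises the rest to JSON and POSTs it to
    /v1.0/deviceManagement/deviceConfigurations using the headers in $authToken (read from the
    calling scope).

    .PARAMETER ConfigProfile
    Profile object as returned by Graph, with displayName already set to the new name.

    .OUTPUTS
    The response object returned by Invoke-RestMethod.
    #>
    param(
        [Parameter(Mandatory)]
        $ConfigProfile
    )

    $cleaned = $ConfigProfile | Select-Object -Property * -ExcludeProperty id,createdDateTime,lastModifiedDateTime,version,supportsScopeTags

    # Serialise the filtered copy. The previous code converted $ConfigProfile again here, which
    # discarded the exclusion above and sent the source profile's id back to Graph.
    # -Depth is raised because the default of 2 flattens nested settings into type-name strings,
    # which would create a profile that silently lacks those settings.
    $body = $cleaned | ConvertTo-Json -Depth 20

    # NOTE(review): this prints the full profile body to the console; if profiles in your tenant
    # carry sensitive values, avoid running this inside a transcript or a logged session.
    Write-Host $body

    Invoke-RestMethod -Uri https://graph.microsoft.com/v1.0/deviceManagement/deviceConfigurations -Headers $authToken -Method Post -Body $body -ContentType "application/json"
}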
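##################################################
# Get auth token
# A token cached in $global:authToken is reused only while it is still valid; the ExpiresOn value
# stored with the header was never checked before, so a stale token caused 401s on every call.
# NOTE(review): the token stays in the global session scope after the script ends; clear
# $global:authToken (or close the session) on shared or jump hosts.
$tokenMissing = -not $global:authToken.Authorization
# ExpiresOn is presumably a DateTimeOffset as returned by ADAL - confirm if the header is ever
# populated by another script.
$tokenExpired = (-not $tokenMissing) -and $global:authToken.ExpiresOn -and ($global:authToken.ExpiresOn -le [DateTimeOffset]::UtcNow)
if ($tokenMissing -or $tokenExpired) {
    if ([string]::IsNullOrEmpty($User)) {
        $User = Read-Host -Prompt "Please specify your user principal name for Azure Authentication"
        Write-Host
    }
    $global:authToken = Get-AuthToken -User $User
}

# Write all existing config profiles
$profiles = Get-ListOfProfiles
Write-Host "++++++++++++++++++++++++++++++"
Write-Host "+++++++Config Profiles++++++++"
Write-Host "++++++++++++++++++++++++++++++"
# foreach instead of .ForEach(): the method call fails when the tenant has no profiles.
foreach ($entry in $profiles) {
    Write-Host " - " $entry.name
}
Write-Host "++++++++++++++++++++++++++++++"

$profileName = Read-Host "Enter the name of the profile you want to copy"
# Select-Object -First 1 yields $null when nothing matches; indexing the empty result with [0]
# raised "Cannot index into a null array" before the not-found check below could run.
$profileToBeCopied = $profiles | Where-Object { $_.name -eq $profileName } | Select-Object -First 1
if ($null -eq $profileToBeCopied) {
    Write-Host "Profile not found" -ForegroundColor Yellow
    return
}

$profileNameNew = Read-Host "Enter the new name of the object you want to create"
# Do not send a create request with a blank display name.
if ([string]::IsNullOrWhiteSpace($profileNameNew)) {
    Write-Host "No new name entered, nothing was created" -ForegroundColor Yellow
    return
}
$profileToBeCopied.profile.displayName = $profileNameNew
Import-ConfigurationProfile -ConfigProfile $profileToBeCopied.profile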