Posted November 28, 20231 yr Happy Holidays folks! I had a wild-hair idea to write one short blog post, per day, for 12 days along the theme of the “Twelve Days of Christmas” song. I made the mistake of mentioning the idea to one Arnab Mitra - yes, THAT Arnab Mitra. Don't let the smile fool you - he twisted my arm to follow through on the idea, soooo here you go. You won’t find seven swans a-swimming, nor ten lords a-leaping, but here’s one drummer-drumming ( Neil Peart). For Post #1, I offer to you a quick'n'easy way to use Intune Remediations to get some info from Windows PCs. Last reboot dates/times are frequently used as simple indicators of life for devices. I was asked if this is captured anywhere in Intune and oddly, I'd never looked - but as I went hunting through Intune (Portal and Graph), the more I looked, the more I couldn't find it anywhere obvious. "Surely it can't be THIS hard...?" So, with the help of some folks here (one Marius Wyss and here - and Uma Thakur), we mashed up this quick solution to deliver a 'Remediation' package to the devices which gets the last boot date/time and then returns the results to the Intune portal. It’s not perfect (for one, it doesn’t account for ‘fast boot’) but it gave me a rough idea and it took just a few minutes to get it to work. I hope it helps! 1. Create a simple PowerShell script to query the system for the info you’re chasing: [ATTACH=full]56929[/ATTACH] 2. From the Intune Portal > Devices > Remediations spot, create a ‘script package,' upload that script as the ‘Detection script’ and configure the other settings and assignment: [ATTACH=full]56930[/ATTACH] [ATTACH=full]56931[/ATTACH] This only runs in ‘detect-mode’ because I didn’t create/add a ‘Remediation script:’ [ATTACH=full]56932[/ATTACH] 3. Once the Policy/settings have gone out to the enrolled PCs, the detection script will run and return the results to the portal (up to 2048 characters per device). 4. To see the results, from the portal, click the ‘Columns’ option and add the ‘Pre-remediation detection output’ to see the output from the script [ATTACH=full]56933[/ATTACH] 5. Clicking the ‘Review’ link will open the results for that system: [ATTACH=full]56934[/ATTACH] [ATTACH=full]56935[/ATTACH] If you want a report-view of the Remediation across all of the devices, click Export to download a CSV and then filter/sort to your heart’s content: [ATTACH=full]56936[/ATTACH] [ATTACH=full]56937[/ATTACH] For more information and some community remediation script ideas: Remediations | Microsoft Learn Endpoint analytics remediation script community repository – Modern Device Management (jannikreinhard.com) Cheers - See you tomorrow! Hilde Continue reading...
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.