SyncAllIntuneDevices

3.3

syncallintunedevices.ps1

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
                                <#PSScriptInfo

.VERSION 3.3

.GUID 729ebf90-26fe-4795-92dc-ca8f570cdd22

.AUTHOR AndrewTaylor

.DESCRIPTION Synchronises All Intune managed devices

.COMPANYNAME 

.COPYRIGHT GPL

.TAGS intune endpoint MEM environment

.LICENSEURI https://github.com/andrew-s-taylor/public/blob/main/LICENSE

.PROJECTURI https://github.com/andrew-s-taylor/public

.ICONURI 

.EXTERNALMODULEDEPENDENCIES microsoft.graph.intune

.REQUIREDSCRIPTS 

.EXTERNALSCRIPTDEPENDENCIES 

.RELEASENOTES

#>

<#

.SYNOPSIS

  Synchronises All Intune managed devices

.DESCRIPTION

Synchronises All Intune managed devices

.INPUTS

None required

.OUTPUTS

Within Azure

.NOTES

  Version:        3.3

  Author:         Andrew Taylor

  Twitter:        @AndrewTaylor_2

  WWW:            andrewstaylor.com

  Creation Date:  24/11/2021

  Modified Date:  24/02/2023

  Purpose/Change: Initial script development

  Change:   Switched to MSGraph Auth

  Change:   Added pagination support for larger estates

  Change: Bug fix

  Change: Removed MS Graph module and switched to MgGraph

.EXAMPLE

N/A

#>

####################################################

Write-Host "Installing Microsoft Graph modules if required (current user scope)"

#Install MS Graph if not available

if (Get-Module -ListAvailable -Name Microsoft.Graph.authentication) {

    Write-Host "Microsoft Graph Already Installed"

} 

else {

    try {

        Install-Module -Name Microsoft.Graph.authentication -Scope CurrentUser -Repository PSGallery -Force 

    }

    catch [Exception] {

        $_.message 

        exit

    }

}

# Load the Graph module

Import-Module microsoft.graph.authentication

####################################################################### END INSTALL MODULES #######################################################################

Function Get-ScriptVersion(){

    <#

    .SYNOPSIS

    This function is used to check if the running script is the latest version

    .DESCRIPTION

    This function checks GitHub and compares the 'live' version with the one running

    .EXAMPLE

    Get-ScriptVersion

    Returns a warning and URL if outdated

    .NOTES

    NAME: Get-ScriptVersion

    #>

    [cmdletbinding()]

    param

    (

        $liveuri

    )

$contentheaderraw = (Invoke-WebRequest -Uri $liveuri -Method Get)

$contentheader = $contentheaderraw.Content.Split([Environment]::NewLine)

$liveversion = (($contentheader | Select-String 'Version:') -replace '[^0-9.]','') | Select-Object -First 1

$currentversion = ((Get-Content -Path $PSCommandPath | Select-String -Pattern "Version: *") -replace '[^0-9.]','') | Select-Object -First 1

if ($liveversion -ne $currentversion) {

write-host "Script has been updated, please download the latest version from $liveuri" -ForegroundColor Red

}

}

Get-ScriptVersion -liveuri "https://raw.githubusercontent.com/andrew-s-taylor/public/main/Powershell%20Scripts/Intune/SyncAllIntuneDevices.ps1"

####################################################################### CREATE AAD OBJECTS #######################################################################

#Connect to Graph

Select-MgProfile -Name Beta

Connect-MgGraph -Scopes CloudPC.ReadWrite.All, Domain.Read.All, Directory.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All, openid, profile, email, offline_access

####################################################

    function SyncDevice {

        param

(

    $DeviceID

)

        $Resource = "deviceManagement/managedDevices('$DeviceID')/syncDevice"

        $uri = "https://graph.microsoft.com/Beta/$($resource)"

        write-verbose $uri

        Write-Verbose "Sending sync command to $DeviceID"

        Invoke-MgGraphRequest -Uri $uri -Method Post -Body $null

    }

    ####################################################

#####################################################

#Sync All Devices

#####################################################

$graphApiVersion = "beta"

$Resource = "deviceManagement/managedDevices"

$uri = "https://graph.microsoft.com/$graphApiVersion/$Resource"

$devices = (Invoke-MgGraphRequest -Uri $uri -Method Get -OutputType PSObject)

$alldevices = @()

$alldevices += $devices.value

$policynextlink = $devices."@odata.nextlink"

while ($null -ne $policynextlink) {

$nextdevices = (Invoke-MgGraphRequest -Uri $policynextlink -Method Get -OutputType PSObject)

$policynextlink = $nextdevices."@odata.nextLink"

$alldevices += $nextdevices.value

}

foreach ($device in $alldevices) {

    SyncDevice -Deviceid $device.id

    $devicename = $device.deviceName

    write-host "Sync sent to $devicename"

}

##All done

Disconnect-MgGraph