Skip to content

Latest commit

 

History

History
1257 lines (896 loc) · 60.2 KB

ReleaseNotes.md

File metadata and controls

1257 lines (896 loc) · 60.2 KB

Release Notes

3.9.8 - 2024-10-12

New features

  • Intune Info
    • Added 'Baseline Templates - Settings Catalog'
      This list templates for Settings Catalog policies eg. Security Baseline for Windows 10 and later

Fixes

  • Import/Export

    • Fixed support for export/import App Configurations (Device) - Android between environments
      Based on Issue 255
      Thank you @jimmywinberg for all the testing!
    • Fixed support for export/import App Configurations (Device) - iOS (VPP) between environments
      Based on Issue 260
      Thank you @Arne-RFA for all the testing!
    • Added support for exporting Groups targeted in W365 assignments
      Based on Issue 261
  • Added tooltip that variables are supported in the Export folder path
    Based on Discussions 269

  • Documentation

    • App Configuration (Device) documentation updated
      Added support for value type for Android policies
      Please continue discussion on the Issue below if this is still not working
      Based on Issue 231
      This required some rewriting of the core documentation and an update to all output providers
      This will make it easier to add additional tables to the documentation in the future
    • Fixed issue with missing group name when exporting CSV
      Based on Issue 274
    • Fixed issue with Authentication Strength when documenting Conditional Access policies
    • Language files re-generated
    • ObjectInfo files re-generated. Some Android updates
    • ObjectCategory file re-generated
  • Compare

    • Fixed issue with assignments on exported files when doing a Documentation compare
      The group name was not resolved from migration table file
      Based on Issue 274
  • Authentication

    • Added setting to allow Sort Tenant List
      Based on Issue 265

3.9.7 - 2024-06-27

New features

  • Compare

    • Added support for automation with batch job
    • Added a new Compare provider - Intune Objects with Exported Files (Name)
      This will support comparison exported policies between environments
    • Added support for skipping missing source policies
    • Added support for skipping missing destination policies
      Based on Issue 203 and Issue 128
  • Compliance

    • Added support for Compliance v2 policies eg Linx policies

Fixes

  • Compare

    • Renamed default provider to "Exported Files with Intune Objects (Id)" from "Intune Objects with Exported Files"
  • Generic

    • Fixed issue with domain names with special characters in Profile info
      Based on Issue 237
    • Lots of spelling and languag fixes in documentation, script and UI
      A huge thank you to @ee61r1 for doing all this!
  • Import/Export

    • Added support for exporting script for MacOS Custom attribute
      Based on Issue 244
  • Documentation

    • App Configuration (Device) documentation updated
      Initial support for Android
      Please continue discussion on the Issue below if this is still not working
      Based on Issue 231
    • Added support for documenting MacOS Custom attribute
      Based on Issue 244
    • Fixed issed when documenting Shell script. Code was not included
    • Language files re-generated
    • AppTypes file re-generated. Some apps were not documented with proper name

3.9.6 - 2024-04-22

BREAKING CHANGE
Microsoft are decommissioning the Intune PowerShell App with id d1ddf0e4-d672-4dae-b554-9d5bdfd93547, mentioned here
This was the default app in IntuneManagement. The default app is now changed to Microsoft Graph PowerShell app with id 14d82eec-204b-4c2f-b7e8-296a70dab67e
The script will automatically use that app for new installationsbr
A warning to change will be displayed if d1ddf0e4-d672-4dae-b554-9d5bdfd93547 is used
You can also register a new app, documented here and then configure that app in Settings

Note: This might require consent for the required permissions

There is no change if you are currently using a custom app or already changed to Microsoft Graph PowerShell in Settings

Also note that changing application will reset cached accounts

New features

  • Compare
    • Added support for ignoring Basic properties and Assignments
      Based on Issue 203 and Issue 128
      NOTE: Properties will be logged but with empty value for Match

Fixes

  • Compare

    • Fixed issue when comparing Settings Catalog settings with child settings eg Hardened UNC Paths in Security Baseline
  • Import/Export

    • Added support for import of MSIX app content
      Based on Discussion 191
    • Disable autoload of modules to prevent loading MSGraph module if found
      Based on Issue 208
  • Documentation

    • Language files re-generated.
    • AppTypes file re-generated. Some apps were not documented with proper name.

3.9.5 - 2024-01-20

Fixes

  • Import/Export

    • Assignments were not exported for some policies with trailing . in the name
      Based on Issue 184
      NOTE: Policy will not export if full path is over 260 characters
    • Fixed issue with policies not being exported when Batch was enabled in Settings
      and there was only one policy for the specified object type
    • Failed to get App Protection policies when Proxy was configured
    • Fixed issue with importing policies with dependency in tenants with 100+ policies for a single policy type
      Dependency only imported first page. All pages will be imported now to resolve dependencies
      Based on Issue 183
  • Fixed issue with multiple export folders when using %DateTime% in path
    Based on Issue 189

  • Get Assignment Filter usage

    • Filters not returned if only assigned to one policy
      Based on Issue 141
      NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
  • Compare

    • Comparing Settings Catalog objects with exported objects failed
      Issue cause by offline documentation was not working
      Based on Issue 183
  • Documentation

    • Offline documentation of Settings Catalog was not working.
      Values were always documented from online object
    • Conditional Access documentation updates for Android and iOS
    • App Protection documentation updates for Android and iOS
    • Language files re-generated. Azure shou now be Entra for some documentations.

3.9.4 - 2023-12-18

Fixes

  • Get Assignment Filter usage

    • All policies that supports filter should now be collected
      Please create an issue if not all expected filters are listed
      Based on Issue 141
      NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
  • Documentation

    • Added support for documenting Conditional Access policies based on Workloads
      Not 100% tested. Please report if not documented correctly

3.9.3 - 2023-12-11

New features

  • New tool - Get Assignment Filter usage

    • List all policies and assignments with a Filter defined
      Based on Issue 141
      NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage
  • Batch Export of App Content Encryption Key from Intunewin files
    This script can export encryption keys from existing intunewin files
    Example:
    Export-EncrytionKeys -RootFolder C:\Intune\Packages -ExportFolder C:\Intune\Download
    This will export the encryption key information for each .intunewinfiles under C:\Intune\Packages
    One json file will be created (for each .intunwinfile) in the C:\Intune\Download folder
    File name will be <IntunewinFileBaseName>_<UnencryptedFileSize>.json
    Do NOT rename this file since the script will search for that file when downloading or exporting App content
    The script will not require authentication and it will have no knowledge of apps in Intune
    Filename and unencrypted file size is used as the identifier to match app content in Intune with encryption file
    Important notes:
    Exported and decrypted .intunewin files are not supported to use for import at the moment.
    These files are just the "zip" version of the source and can be unzipped with any zip extraction tool
    The .intunewin file used for import has the "zip" version of the file and an xml with the encryption information +
    additional file information eg. msi properties, file size etc.
    Use the exported unencrypted "zip" version to restore the original files. Re-run the packaging tool if it should be re-used as applications content

    Please report any issues or create a discussion if there are any questions
    Script is located: <RootFolder>\Scripts\Export-EncrytionKeys.ps1


Fixes

  • Export

    • Fixed issue where Assignments were included in export even if 'Export Assignments' was unchecked
      Based on Issue 171
  • Documentation

    • Fixed issue where filter was not documented on some policies
    • Fixed issue with Word Output provider if a policy only had one settings
  • Custom ADMX Files

    • Fixed bug with migrating custom policies between environments. Cache was not cleared when swapping tenants or imported additional ADMX files
    • Fixed documentention issue with Administrative template policies in GCC environment. Name and Category was missing
      Based on Issue 174
    • Custom ADMX based policies was missing properties when swapping tenant
      Based on Issue 124
  • Generic

    • Fixed logging issues when processing objects with a group that was deleted. ID was not reported
    • Generic Batch request function created to support other batch requests eg Groups

3.9.2 - 2023-10-17

New features

  • Application Content Export - Experimental

    • Added support for Exporting Appliction with decrypted content
      App file can be downloaded during export or from the detail view of the Application
      Enable "Save Encryption File" and specify "App download folder" in Settings
      "App download folder" is used for encryption file and manual download
      File content will be downloaded to the export foler during export
      Files will be downloaded with .encrypted extension and then decrypted to original file name
      Please report any issue or any suggestions
      NOTE: This will ONLY work if the encryption file is exported and available
  • Authentication

    • Login with application
      This will login with specified Azure App ID and Secret/Certificate that is used for Batch processes
      NOTE: This will require a restart of the app
      Start with app must use -TenantID on command line. AppID and Secret/Certificate can be specified in Settings or command line
      Example: Start-IntuneManagement.ps1 -tenantId "<TenantID>" -appid "<AppID>" -secret "<Secret>"
      See Start-WithApp.cmd for samle file
      Based on Issue 122 and Issue 134
  • Support for new Settings

    • Save encryption file - Saves a json file with encryption data when an application file is uploaded eg created or uploaded in details view
    • App download folder - Folder where application files should be downloaded and decrypted
    • Login with App in UI (Preview) - Use app batch login in UI
    • Use Graph 1.0 (Not Recommended) - Use Graph v1.0 instead of Beta. Note: Some features will NOT work in v1.0
      Based on Issue 170

Fixes

  • Documentation

    • Language files re-generated eg Supersedence (preview) -> Supersedence
    • Added support for documenting "Filter for devices" info for Conditional Access policies
      Based on Issue 168
  • Custom ADMX Files

    • Fixed issues with migrating custom policies between environments (3rd time)
      Based on Issue 124
    • Fixed issue when importing ADMX files - Encoding issue eg ADMX/ADML file was UTF8
      Based on Issue 169
  • Importing Windows LoB Apps

    • Fixed issue when importing LoB Apps that was only targeted to System context
      Available Assignment option was missing after import
      Based on Discussion 164
    • Added support for Depnedency and Supersedence reations at import
      Application will need to be re-exported since additinal data is added to the export file
      Based on Discussion 159
  • Generic

    • Fixed issue when compiling Procxy CS file
    • Tls 1.2 is now enforced.
      Based on Discussion 166

3.9.1 - 2023-08-30

New features

  • Added support for Windows Update Driver Policies

  • Support for new Settings

    • Proxy configuration - If configured, Proxy will be used for authentication, APIs and upload
    • Disable Write-Error output - Skip PowerShell errors in output

Default Settings Value Changes

  • Conditional Access policies will now be imported as Disabled by default
  • New import option added: As Exported - Change On to Report-only
  • This is to avoid being locked out from the tenant when importing Conditional Access policies
  • Based on Discussion 139

Fixes

  • Documentation

    • Fixed issues with some Feature Updates properties
    • Added missing strings on Windows Update polices
    • Regenerated Language files and Translation tables for Template policies
      Note: Conditional Access string has changed file in background. Please report if there is anything missing
  • Custom ADMX Files

    • Fixed issues with migrating custom policies between environments
    • Case reopened due to something broke the initial functionality
    • Only custom ADMX policies with #Definition properties can be imported into a new environment
    • Based on Issue 124
  • Scope Tags

    • Fixed issues with importing policies with Scope Tags but they were not set
    • Based on Issue 133

Generic

  • Remove invalid characters from path.
  • Based on Issue 150

3.9.0 - 2023-05-04

New features

  • Added support for Authentication Context objects

    • These are used by Conditional Access policies
      Based on Issue 109
  • Added support for Windows 365 Cloud PC settings

  • Added support for Export/Import Tennant Settings

    • This is added the Intune Info view for now (Views -> Intune Info)
      This means that there is no support for Bulk Import/Export. It must be done manually
      This is to minimize the risk of re-importing Tenant settings
      Based on Discussion 131

Fixes

  • Documentation
    • Added full documentation of Requirement and Detection rules for Win Apps
      Based on Issue 119
    • Fixed issue were documentation could crash if Reusable Settings policies exists
      Based on Issue 123
    • Regenerated Language files and Translation tables for Template policies
  • Intunwin File Upload
    • Fixed issue when uploading very large files
      Based on Issue 112
    • Fixed issue when IE not installed
  • Compare
    • Fixed issue where Compare could generate an exception in the log
      Based on Issue 128
      Note: Issue 128 is only partially fixed. Compare needs a major update to fix the rest
  • Import
    • Fixed an issue when creating Cloud groups based on on-prem groups without MigTable
    • Fixed an issue when importing groups with a space in the beginning
      Note: Inital spaces will be removed when importing groups
    • Fixed issue when importing Endpoint Status Page polices with applications defined
    • Fixed issue when importing Proactive Remediations (Health Scripts) with assignments
    • Fixed issue when importing a Conditional Policy with Session propery disableResilienceDefaults set to $false
    • Fixed issue when importing WiFi profiles. Support for multiple references was added eg multiple server verification certificates
      Based on Issue 114
    • Terms of Use was not visible in the menu
      Note: This might generate a Consent prompt if Use Default Permissions is not enabled
      Additional permission required on the Azure App: Agreement.ReadWrite.All

3.8.1 - 2023-01-26

New features

  • Added support for Reusable Settings objects

    • These are used by some of the Endpoint Security polices like Firewall rules
      Based on private request
      Note: No documentation support yet
  • Added support for custom Authentication Strengths objects

    • These can be used in Conditional Access policies
      Based on Issue 109
      Note: Not all issues in 109 are fixed yet and no documentation support yet
  • Export/Import

    • PowerShell files for Health Scripts exported to the Export folder
    • PowerShell files for Application Detection scripts are exported to the Export folder
      Both scripts exports are based on Issue 103
  • Documentation

    • Documentation engine completely rewritten for Settings Catalog and had major updates for other object types
      Please create an issue if there are any problems
    • Added support for HTML output
    • MD output is now official with included support for CSS and single file Output.
      Based on Issue 35
    • Added support for indent on sub-properties so it will be visible that a property is set based on a parent
      Based on Discussion 90
    • Added option to skip assignments in the documentation
      Based on Issue 102
    • Moved some Output options to generic output settings; Document scripts and Remove script signature
  • Generic

    • Added new property on applications, InstallerType. This can be added as a new column to the View for Applications.
      It specifies the New Microsoft Store App type; UWP or Win32
      Based on Issue 101
    • Added response information f an API call failed. The log should now have a better description on why an API failed.

Fixes

  • Documentation

    • Lots of documentation issues fixed by the new Documentation engine
    • Sections and policies should now be in correct alphabetic order
      Based on Discussion 90
    • Fixed issues with assignments for Setting Catalog issues
      Based on Issue 102
    • Translation files re-generated
    • Fixed error message: "Invoke-WordTranslateColumnHeader is not recognized as the name of a cmdlet" Based on Issue 99
  • Authentication

    • Fixed an issue when authentication to China Cloud
      Based on Issue 106

3.7.4 - 2022-11-17

Fixes

Lots of these issues are based on Issue 94
Thank you Dominique for all the amazing help with testing!

  • Import/Export

    • Added support for Export of TermsOfUse PDF files
      Based on Issue 27
    • Fixed an issue where it failed to import .intunewin files during bulk import
    • Fixed issue with importing Edge app assignments
    • Changed the order for Bulk delete to make sure policies are deleted in the correct order
    • Lots of logging fixes for Bulk Export - Logged error when exporting object types not used
    • Business Store Apps will not be delete - Not supported
    • No import of assignments for default policies (Enrollment Status Page and Enrolment Restrictions)
    • Lots of logging fixes for Bulk Delete - Errors if deleting default policies, trying to delete object types that were not used etc.
  • Documentation

    • Added intent for Win32 Assignments
      Based on Issue 98
    • Fixed an error when documenting Assignments for Win32 apps - Invoke-WordTranslateColumnHeader was missing/removed
      Based on Issue 99

  • Logging
    • Added additional response error information if it failed to call a Graph API
    • Missing groups will now only generate a warning instead of Graph API error
    • No error for users without a profile photo


3.7.3 - 2022-10-24

Fixes

  • Import
    • Fixed a bug where it failed to import Endpoint Security policies
    • Fixed an issue where it failed to import Assignment Filters. A new property was added that is not supported during the import


3.7.2 - 2022-10-08

New features

  • Added support for ADMX Files (Preview)
    • First version of supporting the ADMX file import
    • Support for export/import policies based on ADMX files
      The import/export between environments is very tricky so please report any issues
      Note: The ADMX/ADML files must be copied to the app package folder or the policy exported folder
      The ADMX files imported is based on last modify date. This will make sure files are imported in the correct order eg Mozilla and Firefox ADMX files
      Based on Issue 84
  • Added support for value output type when documenting Administrative Templates
    • Select Output value in the Documentation form. Value with label will add the label when documenting sub-properties
  • Translate TenantID when migrating policies between environment
    • Any policy with a Tenant ID value will be translated when importing to a new environment
      Based on Discussion 83

Fixes

  • Authentication

    • Fixed an issue when auhencating with certificates during batch jobs
      Fixed by @cstaubli. Thank you!
      Based on Issue 85
  • Export\Import Fixes

    • Fixed an issue when importing Microsoft Apps files and the default document format was not set
      Based on Issue 92
  • Documentation

    • Fixed the order of sub-properties when documenting Administrative Templates
    • Fixed an issue where some xml values were not documented eg taskbar xml
    • Translation files re-generated


3.7.1 - 2022-08-08

Fixes

  • UI
    • Fixed a bug where the menu bar was empty if not logged in

3.7.0 - 2022-08-02

Breaking changes

  • A third header level was added when documenting to word
    This level is used during bulk documentation and a group has more than one object type
    Eg. The Conditional Access group documents Conditional Access, Named Locations and Terms of Use
    The document will now have one section for each object type as third header level

    This could break documentation if a custom word template is used, and it does not have a third level header named 'Heading 3'
    Specify the name of the 'Header 3 style' value in the Word settings before documenting

New features

  • Support for tenant menu colors

    • Set colors and add tenant name to the menu bar
    • Configure this in Tenant Settings and use this to distinguish lab from production environments
      Based on Issue 63
  • Support for Compliance Scripts

    • Added support to Export, Import and Document Compliance Scripts profiles
    • Compliance Script will now be included when documenting Compliance policy objects
      Based on Issue 60

Setting changes

  • 'Allow update on import (Preview)' is removed
    The 'Import type' is now always available
    Note that Replace/Update are not fully verified yet
    Based on Issue 68

Fixes

  • Export\Import Fixes

    • Target app groups was not set properly for App Protection policies during import
      Based on Issue 67
    • Scope Tags were not assigned to objects during import
      This happened in environment where Scope Tags already existed before import
      Labels renamed to clarify that Scope Tags are assigned and not imported during import
      Based on Issue 61
    • Default branding file had double dots in the exported file name Issue 64
    • Added API throttling during batch mode
  • Documentation

    • Some properties were not documented for Endpoint Security objects
    • Authentication context name added to Conditional Access
    • Translation files re-generated. This might add support for updated settings eg DFCI objects now uses separate category files


3.6.0 - 2022-06-29

New features

Silent batch job

  • Added support for silent batch documentation
    Based on Issue 39

Support for Co-management Settings

  • Added support for Export,Import and Document Co-management Settings profiles

Documentation

  • Re-generated language files and translation files
    Some changes in Android profiles, iOS VPN and Windows Wired Network
  • Add support for documenting the following profiles - Issue 57
    • Intune Roles
    • Custom Device Type Restrictions

Fixes

  • UI Fixes
    • View did not show properties below 10 levels
  • Silent batch job - Issue 39
    • Unchecking default values was not working
    • Failed to start without configuration file
    • Failed to authenticate with certificate
  • Documentation Fixes
    • Autopilot Profiles (Issue 50)
    • Kiosk Template Profiles (Issue 49)
    • Endpoint Protection Template Profiles (Issue 51)
    • All User/All Devices Assignments (Issue 54)
    • Scope Tags for Filters and PolicySets (Issue 52)
    • Local User Group Membership - members were not listed
  • Export\Import Fixes
    • AssignmentFilters were not assigned during import (Twitter reported issue)
    • Failed to assigned dependencies during import when dependency objects existed in the environment (Twitter reported issue)
    • Failed to import/export lots of policies (Twitter reported issue)
      429 - Too many requests. Graph API throttling kicked in.
    • PowerShell script exported with wrong encoding (Issue 48)

3.5.0 - 2022-04-26

New features

  • Automatic update check
    The app will check GitHub at start-up if there is a new version available
    This can be disabled in settings

  • Use PowerShell 5
    Command files will now use PowerShell 5 (-version 5 in the command line)
    This is based on Issue 44

  • Documentation

    • New Word settings: Table text style and table caption location
      This is based on an additional request in Issue 37
    • Terms of Use info when documenting Conditional Access
    • Added documentation support for Terms of Use
    • Added additional support for offline documentation
      Note: Offline is defined as documenting an exported folder while logged in to another tenant.
      If logged in to the same tenant as the exported folder, "online" documentation will be used
    • Changed the layout for the assignment table on Win32 Applications. There were too many columns so additional info is changed to a table in the value column
    • Filter / Filter Mode column headers are now set from language files

  • Export/Import
    • Users in Conditional Access are now added to the Migration Table
      This is so the user IDs can be translated during Offline documentation
    • Referenced settings are now included in the export
      This is to support referenced settings during import, copy and offline documentation (Certs on VPN profiles etc.)
      These properties are named #CustomRef_PropertyName in the json file
      Note: This might cause export/copy to take longer once every second week since it requires the MetaData XML for Graph to be downloaded.
      This feature can be turned off by unchecking 'Resolve reference info' in Settings

  • Copy
    • New dialog when copying an object. Description can now be changed during the copy

- **Authentication**
- Full authentication support for US Government and China clouds
This requires that 'Show Azure AD login menu' is enabled in Settings
- Consent can be requested for missing permissions. This can be triggered via the 'Request Consent' link in the user profile info
- New version of MSAL.DLL, version 4.42.1
- Object types with only Read permissions are now supported. These will be orange in the menu
Buttons like Import and Delete will still be available but they will not work

  • List objects
    • IsAssigned column is added to objects that supports it (property on the Graph object)
    • Enable 'Expand assignments' in Settings to include Assignments when getting a full list of objects from Graph
      This can be used for adding Custom columns based on assignment info
      It is also used for setting the IsAssigned column for objects that doesn't have the info in Graph
      This is based on Issue 30
    • Apps can be filtered in the request
      If there are more than 1000 applications in the environment, the filter box can be used to return only matched items
      Enter the filter in the text box and press the Refresh button. Clear the filter box and click Refresh to reload other objects
      This is based on Issue 28

Fixes

  • Documentation

    • Fixed bug in Conditional Access documentation that caused some Grant information to be excluded from documentation
    • Fixed missing properties when documenting Device restrictions (Windows 10 Team) profiles
    • Fixed some Offline Documentation issues
      Get dependency info from exported folders instead of Graph
      Offline documentation is not 100% fully supported yet. Dependency applications for Win32 apps are not included in this version
      and there might be more properties missing. Please report anything missing for offline documentation to Issue 37
      Note Offline documentation will always require online access. Some information like language text, Azure roles, Mobile apps etc. will use Graph API

  • Authentication

    • First login with last used account could fail if the user domain was changed after the initial token was cached

3.4.0 - 2022-03-01

New features

  • Silent batch job Export/Import can now be executed without UI
    See documentation for full requirements

    Note Please report any issues to Issue 39

    This is based on Issue 39

  • Documentation

    • Support for documenting an environment based on exported files

      Select the Source files folder in the Documentation Types (Bulk menu) dialog.

      Note: Some values will NOT be included. These are referenced values and not a property on the object eg Certificate on a VPN profile, Root certificate on a SCEP profile etc. These values will be documented with ##TBD...

      This is based on Issue 37

    • Support for attaching the json file for the object in the word document

    • Support for documentation output level (Word)
      Documenting the full environment can create a document with 1000+ pages depending on the amount of profiles and policies. The documentation output level can now be used to reduce the document size. The output level options are:

      • Full - Document every single value
      • Limited - Set max value and truncate size for documentation and as option, attach the original value as a text document to the value cell e.g. truncate all values over 500 characters to 10 characters and attach the full value as a text file in the document. This will reduce documentation size for profiles with large XML strings like ADMX ingestion
      • Basic - Only include the Basic and Assignments tables in the documentation
    • Added support for documenting Filters

  • Added UI for configuring custom columns
    This can now be done in the Detail View
    This is based on Issue 30

  • Added support for updating Name and Descriptions of the object in Detail View
    This is As-Is functionality. Not all object types have been tested.
    It is recommended to use the portal for this.
    This is based on a private request

  • Added support for copying an app

    Note This requires that the App packages folder is specified in Settings and that the file for the app is available in that folder. If the app file is missing it can be uploaded manually in the Details view

    This is based on Issue 42

  • Added support for manually upload an app file via the Details view

Fixes

  • Documentation

    • Updated documentation files with support for new properties and removed unused values (Windows Updates, Windows Feature Updates etc.)
    • Fixed an issue where VPN profiles in some cases was missing the Base VPN settings
    • Fixed an issue when using a template
      A table of content will no longer be created. That should be included in the template
  • Application import

    • Minor change in the app Win32 upload functionality to align to portal APIs

    • The File Name is now updated to be based on the actual uploaded file

      Important Please create an issue if there are any problems

  • Fixed an issue where ESP and Enrolment Restriction objects were not listed The original filters stopped working

    Note The Enrolment restrictions has changed in Graph. There is now one object for each OS type. So there will be multiple restriction objects exported. platformType column was added to identify each object

    This is based on Issue 41

  • Minor fixes in Import/Export extensions - Required for silent batch job support

  • Fixed an issue where PostListCommand was not triggered

    • Additional Endpoint Security columns were not listed
    • Azure Branding objects was missing the language column

- Fixed issue where the Document button was not enabled when **Select All** was clicked (without selecting an object first)

This is based on Issue 36

  • Other minor bug fixes to support the new features

3.3.3 - 2021-12-15

Fixes

  • Fixed issue where displayName was missing in object list
    Thank you Jason!

3.3.2 - 2021-12-14

New features

  • Markdown support for documentation (Experimental) This will create a MD document in the Documents folder. Note: This is not working 100% at the moment. The script will create a MD document but it might be too large if all objects in the environment are documented.

    Also note that HTML tables are used so that code can be documented as code blocks. This must be supported by the MD Viewer. The Markdown Viewer extension in Chrome was used during testing.

    Please report any suggestions to the issue.
    This is based on Issue 35

  • Added support for batched export This will use batch API to request full info for up to 20 objects per batch to reduce export time This can be enabled in setting

  • Added support for scrolling cached users and guest accounts in the profile info
    This can be enabled in settings

  • Added support for sorting cached users
    This can be enabled in settings

Fixes

  • Paged return of objects
    Only first page of objects will be loaded by default. Additional pages can be loaded with Load More or all available objects can be loaded with Load All.
    This is based on Issue 28

  • Fixed an issue where a checkbox had to be clicked twice to be checked when the list was filtered
    This is based on a known issue

  • Fixed an issue where buttons were not enabled when Select All was checked
    This is based on Issue 36

  • Fixed an issue when adding object ID to the file name during export The separate settings file was not exported with the ID in the name which could cause issues during import

3.3.1 (Beta) - 2021-10-28

This is a BETA release. It contains core changes for Authentication and Settings management. Please report any issues here.

New features

  • Added support for selecting GCC when using US Government Cloud

  • Tenant Specific Setting

    The script now supports tenant specific settings. This can be used in scenarios like: only allow delete on you test environments, tenant specific Intune app folders etc. Login settings like Cloud and GCC is only used if logging on with a cached token. It will otherwise use the current tenant settings.

    Test feedback request: If there are any users accessing multiple cloud environments like US Government with different GCC levels, please report any issues, working or not. Please report it to Issue 26

    Note: Not all settings have be tested and verified and only Setting Values are supported e.g. last Bulk Compare strings are global. Cached settings might not be updated when connecting to another tenant.

  • Log View

    View the log of the current session in the app

  • Added support for documenting scripts for Word This is based on Issue 34

    • New Script options in the Output option tab e.g. enable/disable script documentation, remove PowerShell signature block and documentation styles
    • Supports PowerShell/Shell scripts, Proactive Remediations and Win32 Apps (Requirement/Detection scripts)
    • Scripts will be documented in a separate table with style HTLM Code by default. Spell check is disabled for the script text.
  • Permission detection if Use Default Permissions is enabled

    Default permissions will only use the permission consented to the selected Azure App. The script will check the required permissions with the Access Token. If permissions are missing for one or more objects, they will be marked as red in the menu or they can be excluded from the menu by enable Hide No-access items in Settings

Default Settings Value Changes

  • Use Default Permissions is now set to Enabled by default. With the Tenant Specific Settings feature, this can now be enabled globally or per tenant. Consultants accessing multiple environments might not have permissions to grant consent requests so this could be enabled on a global level and then disabled for tenants where the permissions can be added.

Fixes

  • Fixed an issue when using Json settings where it could not add child settings

3.3.0 (Beta) - 2021-10-17

This is a BETA release. It contains core changes for Authentication and Settings management. Please report any issues here.

New features

  • Support for Settings in Json files Settings can now be stored in json files and copied between devices.

    See Readme on how to use this feature This is based on Issue 33

  • Bulk Compare for exported folders

    The tool can now compare two exported folders This is based on Issue 32

  • Support for Azure AD US Government cloud and Azure AD China cloud. Default is Azure AD Public cloud.

    Change cloud in Settings Note: This is a major change to the authentication. This may have an impact if a custom configured Azure app is used. This is based on Issue 26. Please report any problem, progress or testing with US Government/China cloud or if there are any issues when a custom configured Azure app is used.

  • Export can now add Id to the name of the backup file

    This can be used if there are multiple objects with the same name.

    This can be enabled in Settings. Backup file name will be _.json.

  • Export/Import/Compare/Delete now supports name filter Objects are filtered based on escaped RegEx -nomatch expression so wildcards are not supported.

  • IntuneAssignments report will now include the id of deleted groups

Fixes

  • Fixed an issue in Export. Groups were not exported if exporting multiple times and multiple folders during the same session.
  • Fixed an issue in Compare where the csv file was not stored in the correct folder
  • Fixed an issue in Compare where the comparing object may return System[]. This can happen if the generated files has multiple documentation items for a property. First result will be used.

3.2.3 - 2021-10-07

New features

  • Added support for Terms of Use Export/Import. This requires that the pdf file is available during import, in either the export folder or the Intune App folder. This is added as a Known Issue in Readme.

    Note: This is in preview and it requires that the Preview option in Settings is enabled and then a script restart. This will most likely generate a new consent prompt. This is based on Issue 27

  • All objects are returned

    This might take long time in huge environments. Please report feedback on how this works in environments with 1000+ objects e.g. does it take too long time, memory issues etc. This is based on Issue 29

  • Added support for custom columns This must be manually added to the registry.

    See Readme on how to use this This is based on Issue 30

  • Object count will be displayed

Fixes

  • Fixed minor bugs in IntuneAssignments - Support Name for objects that don't use displayName
  • Regenerated documentation and language files - New properties for the iOS Device Restriction profile is now supported

3.2.2 - 2021-09-23

New features

  • Added support for setting Conditional Access policy state during import. The default setting is to import Conditional Access policies with the same sate as they were exported. This is based on feature request Issue 25 Note: Security defaults must be disabled before Conditional Access policies can be imported as Enabled.

Fixes

  • Fixed bugs when using the ImportExtension command

3.2.1 - 2021-09-04

New features

  • PowerShell Scripts can now be viewed and edited in the tool
  • Intune Tools
    • Added Intune Assignment - Simple tool to quickly gather all assignments from exported objects
  • Documentation
    • Added documentation support for
      • Scope (Tags) Note: This will generate one section for all Scopes in the word document
      • Health Scripts (Remediation Scripts)

Fixes

  • General

    • Custom Device Configuration profiles will convert encrypted OMA URI values when the full object is loaded instead of only during Copy and Export.
    • All file exports are now saved in UTF8
  • Compare

    • Fixed issue where the wrong name was specified if the compare object was missing
    • Administrative Templates, Settings Catalog and Endpoint Security will always compare based on documentation.
    • Encrypted OMA URI values are now supported
  • Documentation

    • Minor updates to support documenting all objects of a specific object type in one section instead of one section per object
    • Fixed "Not Configured" value issues for empty arrays
    • Fixed documentation of Microsoft 365 Apps when XML is used
    • Minor updates on VPN profile documentation. EAP XML will be in XML format and removed duplicate SplitTunneling values. Note: The EAP XML will require manual update of the column sizes in Word

3.2.0 - 2021-08-15

New features

  • Intune Tools (New View)

    • ADMX Import - Configure settings for 3rd party ADMX files with a UI similar to GPMC and create a Custom Profile based on the configured settings

    • Reg Values - Add registry values to HKLM or HKCU. This will create and ADMX based on the configured settings and create a Custom Profile in Intune

      See ADMX Import for more information on how this works

      Note: There is only Import functionality in this version. It does not support updating an existing Custom Profile ADMX policies.

    • Important! Consider this tool to be in preview at this moment. It has only been tested on Cloud only joined devices. It looks like there are different functionality in the Policy CSP between hybrid and cloud only joined devices. It would be great if anyone testing this on hybrid (or cloud only joined) devices could create an issue and report back the findings, even if it works as intended.

    There are indications that Microsoft is implementing this into the portal UI. The groupPolicyUploadedDefinitionFile API suggests that the portal will support this in the future. It would be good if this could be integrated with the Settings Catalog.

  • Documentation:

    • Create cover page and table of contents when no template is selected
    • Select CSV delimiter when documenting to a CSV file
  • Compare:

    • Select CSV delimiter for bulk compare

Fixes

  • Authentication

    • The script will start even if it failed to add type TokenCacheHelperEx.

      This is based on Issue 21

      Note: The token will not support caching if this fails. This could be caused by not having write access to the \CS folder or by restrictive ASR policies

  • Export/Import

    • Added support for exporting OMA-URI values that are stored encrypted.

      Note: OMA-URI strings and XML Files are stored encrypted. These values will be decrypted and stored in clear text. Be careful if sensitive data is stored e.g. passwords.

    • Fix for updating existing Autopilot profiles during import. A new property was added that broke the functionality. This is based on the feature request in Issue 17

  • Documentation

    • New handling of Not Configured properties. Skipping unconfigured properties will now skip all these properties during documentation
    • Minor fixes to avoid duplicate documentation of properties
  • Compare

    • Fixed bugs when comparing Intent objects (Endpoint Security) policies in Documentation mode.
  • Copy

    • Copy Custom Profiles with encrypted values

Additional Changes:

  • Documentation files has be re-generated to support new\updated properties on Property based objects.

3.1.8 - 2021-07-18

New features

  • Forget cached users - Forget a user by clicking on the bin icon in the user information. This will remove the user from the cached file. It will not remove it from the browser cache.
  • Update existing profiles during import is moved to preview. Important: See the Import section in the Readme file for more information This is based on the feature request in Issue 17

Fixes

  • Fixed a bug when exporting Settings Catalog. When exporting settings based on key/value pairs, some parts were not converted to json objects. Import worked but not the update. Depth parameter was increased in the ConvertTo-Json functions.

3.1.7 - 2021-07-12

New features

  • Support for documenting Notifications
  • PREVIEW/EXPERIMENTAL - Support for Replace/Update existing profiles/policies during import. See the Import section in the Readme file for more information This is based on the feature request in Issue 17

Fixes

  • Fixed bug that caused an exception when listing App Protection objects and only one object existed in the environment.

    See Issue 15 for more info

  • Import Priority based objects in the priority order specified in the files (Enrolment Restrictions and Autopilot profiles)

  • Set default settings for the options in the Import forms (Based on Settings)

  • Delete Autopilot profiles with assignments

  • Moved the assignments import to a separate function

3.1.6 - 2021-07-07

Fixes

  • Fixed invalid file name characters - Issue 19

    • Added -LiteralPath to Get and Set-Content
    • Save CSV in document
    • Import/Export Administrative Template and Role Definitions
    • Saving the PowerShell script file
    • Export with assignments for multiple profiles
  • Added support for [ and ] in file names

    Note: This can cause duplicate files if exporting to the same location as pre 3.1.6 export and the profile name contains [ or ]

  • Changed to custom documentation for Custom OMA-URI profiles

  • Administrative Template now includes definitionValues in detailed view and export

  • Fixed exporting PowerShell script in Bulk export. Option was only available if PowerShell was active type.

  • Fixed issue with MigrationTable when exporting from two different environments without restart. The Group information was save to the same MigrationTable.

3.1.5 - 2021-07-06

Fixes

  • Fixed rushed update for Issue 18
  • Fixed bug in Compare module

3.1.4 - 2021-07-06

Fixes

  • Fixed issue importing Administrative Templates

    See Issue 18 for more info

3.1.3 - 2021-07-05

New features

  • Bulk Compare
    • Compare with exported files
    • Compare with existing objects based on name patterns
  • Bulk Copy
    • Copy existing objects based on name patterns
  • Support for documenting PolicySets
  • Release Notes check - Check if there are any updates by comparing the local version of ReleaseNotes.md with the GitHub version

Fixes

  • Fixed bug that caused an exception when exporting objects with an assignment and the 'Export Assignment' option disabled.

    See Issue 16 for more info

  • Export Assignments in Bulk Export and Object Export did not get default value from Settings

  • Fixed issue where the required permissions were not passed during authentication

3.1.2 - 2021-06-20

New features

  • Delete and Bulk Delete - Delete selected items or delete ALL items of selected object types

    Note: This must be enabled in the settings. They are not visible by default.

    WARNING: Use this carefully! It will delete profiles and policies in Intune.

  • Support for new object Health Scripts

  • Object permissions is now handled by ViewObject and authentication provider. This is to support future view extensions.

Fixes

  • Azure Role Read permission can be disabled in settings
  • Minor UI changes e.g. List Boxes for bulk Import/Export changed to DataGrid
  • Minor bulk export fixes

3.1.1 - 2021-06-16

New features

  • Download script for Custom Attribute
  • Documentation
    • Added support for additional objects (Enrollment restrictions)

Fixes

  • Failed to get user information during logon. Something was changed in Graph that caused calling ME with full ODATA to fail.

  • Added RoleManagement.Read.Directory as a default required permission.

    NOTE: This will most likely cause a consent prompt

  • Some additional minor fixes

3.1.0 - 2021-06-08

Breaking Changes

  • Export folder for PowerShell is changed to PowerShellScripts

New features

  • Documentation
    • Document Intune objects to CSV or Word

    • Object will be documented with text from Intune

    • Document in any supported language

    • See Documentation for more information

      Note: This is the first version of the documentation. It does not support ALL object types and might be missing some properties

  • Compare
    • Compare objects with exported files
    • Property comparison
    • Documentation comparison
  • Support for additional objects
    • Quality Updates, Filters, Mac Scripts and Custom Attributes
  • Azure AD role displayed in token info
  • Fixed sending additional headers in the Graph request

Fixes

  • Support for Privacy Access Controls in Windows 10 Device Restriction profiles
  • Support for AppLocker files in WIP policy
  • Select All checkboxes moved from below data grids to the header of the column

3.0.0 Beta 1 - 2021-04-01

Breaking changes

  • Dropped support for Azure Branding and MAM/MDM settings...for now
  • Import might not work for items exported with previous versions. Some folders are renamed, import is depending on additional information.

New features

  • Authentication managed by Microsoft Authentication Library (MSAL)
    • Support for switching user
    • Support for switching tenant. Multi tenant support must be enabled in Settings
    • Token info, Profile picture info support etc.
    • See MSAL info for more information
  • Support for multiple Views - Intune Management and Intune Info for now...
    • Intune Management - Export/Import/Copy objects in Intune
    • Intune Info - Show information about some objects in Intune
  • Improved UI experience
    • Support for resizing the Window
    • Support for searching for objects
    • Refresh objects in the list
    • Scaled popup dialogs
  • API management redeveloped from scratch to simplify support for new object types in the future
  • Support for new object types (Settings Catalog, Named Locations, Scope Tags, Policy Sets etc.)
  • Better support for migrating objects between environments
    • Group migrations e.g. support for Dynamic Groups, different group types etc.
    • Support for dependency objects e.g. Policy Sets reference other objects like Compliance Settings etc. The import of an object uses exported json files to identify dependent items and map old Id to the new Id in the target environment
    • Support for migrating Scope Tags (Uses the dependency functionallity so Scope Tags must be Exported/Imported)
    • Better support for migrating Assignments

Dependencies

  • MSAL - Microsoft.Identity.Client.dll. This is included in Az / MSAL.PS modules or it can be installed separately. This release was developed and tested with MSAL version 4.21.0.0.

2.0.0 - 2021-02-01

Breaking changes

  • Removed support for AzureRM

New features

  • Support for Az module

Fixes

  • Allow more than 9 Conditional Access policies. Issue #5
  • Include WIP policies. Issue #7
  • Import is not working. Issue #6 and #4
  • Intune module can now be install with scope user. Issue #8

1.0.0

  • Intune Management with PowerShell
  • Dependencies: Intune and AzureRM PowerShell modules