Microsoft Intune PowerShell Module

We have got few new automation requests all are based on Microsoft Intune Product.

On doing bit of research we have found Intune module available on Git HUB as well as PowerShell gallery.

To install it from PowerShell Gallery use the command Install-Module -Name Microsoft.Graph.Intune

Ones you have installed it, first time you need to use

Connect-MSGraph -AdminConsent

This will ask for permissions same as any other Graph/Rest application when you connect to office 365 (I have used my Global admin account for first time installation/Configuration)

What this does is create Application Name : Microsoft Intune PowerShell under Enterprise applications in Azure AD.

After first time if admin consent has been granted successfully you only have to use Connect-MSGraph

Note: Any user in the organization will be able to connect it and that made me bit nervous but when I have tested with different test ids to connect it , they all got connected but they all were throwing

RED errors of unauthorized until I have granted them Intune Administrator rights, that has given me a sigh of relief.

I still do not want any one to be able to connect to it and I follow one of the practice called user assignment for Applications which is disabled by default.

Go to the application under AZURE AD, hit properties and say yes to User Assignment required, I also set visible to user to NO for these type of applications.

Ones that is done, go to users and groups under this application. assign the users that you want to allow connection to this APP.

Any other user, if he or she will try to connect will get the below error: (is not assigned to a role for the application)

Now you will be able to run the commands such as getting all managed devices : Get-IntuneManagedDevice

Enjoy and automate Microsoft Intune with this PowerShell module, do not forget about user assignment if you want to control who can use it.

Thanks for reading

Sukhija Vikas

PowerShell Fast Track




13 thoughts on “Microsoft Intune PowerShell Module

  1. Thank you very much for posting this. This is the clearest explanation that I have found on how to add the Microsoft Intune PowerShell app to Enterprise Applications if it is not already present.

  2. Pingback: Intune Marking devices as Corporate |

  3. Pingback: Intune – Export MAM Devices Report | Tech Wizard

  4. Pingback: Intune – MDM Enrollment Welcome Email | Tech Wizard

  5. Pingback: Intune Duplicate Device Cleanup | Tech Wizard

  6. Pingback: Intune Cleanup Not Evaluated Devices | Tech Wizard

  7. Pingback: Intune Bulk Device Removal Tool | Tech Wizard

  8. Pingback: Intune A Granel Dispositivo Herramienta De Eliminación De - Actual Tecnología

  9. Pingback: Intune – Check Particular APP installation on Devices | Tech Wizard

  10. Pingback: Use PowerShell to report on Intune devices – Savage Nomads

  11. Do the the Intune permission scopes on the app work well with Inrune RBAC (roles defined via scope tags)? Do the app permissions take precedence or does your account also need specific Intune roles?

      • Thanks. I asked about the RBAC because the article mentioned the Intune administrator role. Performed a quick test with an account that has access to a limited set of devices and the api did stay within that scope.

Leave a Reply to Tech Wizard (Sukhija Vikas) Cancel reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s