This is a quick and dirty script to see why my groups are no longer applying to Windows 11
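# You need an app registration (appProfile) with Intune permissions.
# NOTE(review): this script only reads groups, so a read-only Microsoft Graph
# application permission such as Group.Read.All is likely sufficient. Confirm
# this and grant nothing broader.
#
# The three values below are placeholders. Do not save a real client secret in
# the script or commit it to source control: load it at run time from a secret
# store or an environment variable, or use certificate-based app authentication.
$tenantId  = 'xxxxxxxxxxxx'   # Your tenant ID
$appId     = 'xxxxxxxxxxxxx'  # Application (client) ID
$appSecret = 'xxxxxxxxxxxxxx' # Client secret Value

# OAuth 2.0 client-credentials request: the app authenticates as itself and
# asks for whatever Graph application permissions it has been granted (.default).
$body = @{
    grant_type    = "client_credentials"
    scope         = "https://graph.microsoft.com/.default"
    client_id     = $appId
    client_secret = $appSecret
}
$tokenEndpoint = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
$response = Invoke-RestMethod -Uri $tokenEndpoint -Method Post -Body $body -ContentType "application/x-www-form-urlencoded"

# The access token is a bearer credential: never print or log it.
$token = $response.access_token

# Stop here if no token came back, instead of attempting to connect without one.
if ([string]::IsNullOrEmpty($token)) {
    throw 'No access token was returned by the token endpoint.'
}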
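# Connect as the application, using the permissions granted to it on the service.
# The token is wrapped in a SecureString before being passed to -AccessToken.
Connect-MgGraph -AccessToken ($token | ConvertTo-SecureString -AsPlainText -Force)

# Optional debugging helpers: uncomment to end the session or to inspect the
# scopes and context of the current connection. Running Disconnect-MgGraph when
# you are done avoids leaving an authenticated session open.
#Disconnect-MgGraph
#(Get-MgContext).Scopes
#(Get-MgContext)

# Get-MgContext returns nothing when there is no active Graph session.
if (Get-MgContext) {
    Write-Host "Connected to O365`n" -ForegroundColor Green
}
else {
    Write-Host "Ouch Disconnected from O365`n"
    # Originally "break" sat on the Write-Host line and was printed as text, so
    # the script carried on without a connection. Stop explicitly instead.
    return
}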
# Retrieve every group that uses dynamic membership (-All pages through the full result set).
$groups = Get-MgGroup -Filter "groupTypes/any(c:c eq 'DynamicMembership')" -All

# Print "<display name> ; <membership rule>" for each group whose rule text
# contains "10." anywhere.
# NOTE(review): presumably this is meant to catch rules pinned to a Windows 10
# version string; the wildcard is broad and matches any other "10." in the rule too.
$groups |
    Where-Object { $_.MembershipRule -like "*10.*" } |
    ForEach-Object {
        Write-Host "$($_.DisplayName) ; $($_.MembershipRule)"
    }