Monday, February 10, 2025

Mircosoft Graph, AppProfile, Powershell, intune - export apps installed on computers

So I may be wrong, but I cant see the API allowing me to get the apps installed on the computer, I need to ask which are the computers this apps is installed on. 

So this script on a fleet of 4000 computers outputs a XLS of about 200,000 lines. I had to break it down and do a few different runs to stop the token timing out (just more then 5 users, then less then 5 users).

 

  
  # You need an appProfile with intune permissions
$tenantId = 'xxxxxxxxxxxx' # You Tenant ID
$appId = 'xxxxxxxxxxxxx'  # Application (client) ID
$appSecret = 'xxxxxxxxxxxxxx' #Value



$body = @{  
    grant_type    = "client_credentials"  
    scope = "https://graph.microsoft.com/.default"  
    client_id     = $appId  
    client_secret = $appSecret  
}  
 
$response = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -Method Post -Body $body -ContentType "application/x-www-form-urlencoded"  
$token = $response.access_token  

# connecting as the application with the permission on the service
Connect-MgGraph -AccessToken ($Token |ConvertTo-SecureString -AsPlainText -Force)  
#disConnect-MgGraph

 #(get-mgcontext).Scopes
 # (get-mgcontext)
   if (get-mgcontext) {write-host "Connected to O365" -ForegroundColor Green}
   else { write-host "Disconnected from O365" break}




$AllApps = Get-MgDeviceManagementDetectedApp  -Top 200
#$AllApps = Get-MgDeviceManagementDetectedApp -all
#$AllApps.Count

$allDetectedApps.count
#$allDetectedApps | Format-Table

# Just focus on the common Windows apps
$Over5allDetectedApps = $Allapps | Where-Object { $_.Platform -eq "windows" -and $_.DeviceCount -ge 5 }  
$Over5allDetectedApps.Count
#Write-Host ($allDetectedApps[3] | Format-List | Out-String)

      
# Initialize an array to store the output data  
$outputData = @()  
 
foreach ($app in $Over5allDetectedApps) {  
    # Retrieve all managed devices for the current app  
    $managedDevices = Get-MgDeviceManagementDetectedAppManagedDevice -DetectedAppId $app.Id  
      
    # Iterate through each managed device associated with the app  
    foreach ($device in $managedDevices) {  
        # Create a custom object for each app-device combination  
        $outputData += [PSCustomObject]@{  
            AppID         = $app.Id  
            ComputerName  = $device.DeviceName  
            AppDisplayName = $app.DisplayName  
        }  
    }  
}  
 
# Export the collected data to a CSV file  
$outputData | Export-Csv -Path "DetectedApps.csv" -NoTypeInformation -Delimiter ";"  

Write-Host "Exported"  
 

Posted by DaveColvin at 11:48 am

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Blog Archive