mmckinnon/IntunePolicies
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

chore: update settings for Edge and Defender policies

Browse Source
This commit is contained in:
Matthew McKinnon
2025-03-12 21:36:16 +10:00
parent 40c7895196
commit 39b6a1272d
4 changed files with 270 additions and 56 deletions
Download Patch File Download Diff File Expand all files Collapse all files

27
ImportPolicies.ps1
View File

@ -27,7 +27,7 @@ ForEach ($policie in $policies) {
try {
$uri = "https://graph.microsoft.com/beta/deviceManagement/configurationPolicies" # Using the beta version
# $response = Invoke-MgGraphRequest -Method POST -Uri $uri -Body ($PolicyObject | ConvertTo-Json -Depth 10)
$response = Invoke-MgGraphRequest -Method POST -Uri $uri -Body ($PolicyObject | ConvertTo-Json -Depth 10)
Write-Host "$PolicieName - successfully imported!"
#$response
} catch {
@ -39,10 +39,9 @@ ForEach ($policie in $policies) {
# Define the dynamic membership rule
$dynamicRule = '(device.deviceOSType -eq "Windows") and (device.accountEnabled -eq true) and (device.managementType -eq "MDM")'
# Create the security group with dynamic membership
$groupBody = @{
displayName = "Intune - All Windows Workstations Dynamic Membership"
displayName = "Intune - All Windows Workstations MDM"
mailEnabled = $false
mailNickname = "IntuneWindowsDevices"
securityEnabled = $true
@ -57,4 +56,26 @@ $groupBodyJson = $groupBody | ConvertTo-Json -Depth 10
# Create the group using Invoke-MgGraphRequest
Invoke-MgGraphRequest -Method POST -Uri "https://graph.microsoft.com/beta/groups" -Body $groupBodyJson -ContentType "application/json"
# Define the dynamic membership rule
$dynamicRule = '(device.deviceOSVersion -startsWith "10") and (device.deviceOSType -eq "Windows")'
# Create the security group with dynamic membership
$groupBody = @{
displayName = "Intune - All Windows Computers"
mailEnabled = $false
mailNickname = "IntuneWindowsDevices"
securityEnabled = $true
groupTypes = @("DynamicMembership")
membershipRule = $dynamicRule
membershipRuleProcessingState = "On"
}
# Convert the body to JSON
$groupBodyJson = $groupBody | ConvertTo-Json -Depth 10
# Create the group using Invoke-MgGraphRequest
Invoke-MgGraphRequest -Method POST -Uri "https://graph.microsoft.com/beta/groups" -Body $groupBodyJson -ContentType "application/json"
$null = Disconnect-Graph -ErrorAction SilentlyContinue