Get-WindowsAutoPilotInfo.ps1 Issues
I've built my own script for pulling the hardware hash from a machine and uploading it directly into Intune using -online and an app registration from Azure. it also pulls the current PC name and assigns a group tag. however, it works if I directly run it on the device but fails when I run it through KACE. I've tried running it as system, local admin, x86 and x64 bits. I've tried just placing the script on the device and then running the command to run the script from KACE and I still get the same errors.
Set-Alias Start-PowerShell64 "$env:windir\sysnative\WindowsPowerShell\v1.0\powershell.exe"
Start-PowerShell64
#Variables
$TenantID = ""
$AppID = ""
$AppSecret = ""
$GroupTag = ""
$PCName = hostname
#Register Device
set-executionpolicy bypass -Force
Install-PackageProvider Nuget -Force -ErrorAction SilentlyContinue
install-script get-windowsautopilotinfo -force -ErrorAction SilentlyContinue
get-windowsautopilotinfo -online -TenantID $TenantID -AppID $AppID -AppSecret $AppSecret -assignedcomputername $PCName -GroupTag $GroupTag
Of course leaving out information for my tenant but if anyone can help I would gladly take it because I've been racking my brain on this for 2 days now and wasting valuable time.
-
From the log, I can see that Azure-AD module is not loaded. I think that must be fixed first. What is OS on which you are running the script and is the execution policy set to bypass? - Sandra Jane 10 months ago
-
I was able to get this fixed but thank you for your response. - steven.west6685 10 months ago
Answers (2)
We are thinking about using inTune and am curous how you got this to work.
@'
#Variables
$TenantID = ""
$AppID = ""
$AppSecret = ""
$GroupTag = ""
$PCName = hostname
#Register Device
set-executionpolicy bypass -Force
Install-PackageProvider Nuget -Force -ErrorAction SilentlyContinue
install-script get-windowsautopilotinfo -force -ErrorAction SilentlyContinue
get-windowsautopilotinfo -online -TenantID $TenantID -AppID $AppID -AppSecret $AppSecret -assignedcomputername $PCName -GroupTag $GroupTag
'@ | &"$env:windir\Sysnative\WindowsPowerShell\v1.0\powershell.exe" -NoProfile -Command -
Above is the script I used, with the variables filled in of course, and then below the settings I used. You do have to build an app registration in Azure for the authentication giving Microsoft Graph the permissions for all devices. after inputting that into the script it works like a charm. That last variable pulls the current PC name into Intune so you don't have to manually go through and input each name. We use asset tags and that number is part of the computer name so that would have been too much work. Now we have the issue of remotely wiping the devices without user involvement and getting that to actually work 100% of the time.
