3.9.8

New features

• Intune Info
  • Added 'Baseline Templates - Settings Catalog'
    This list templates for Settings Catalog policies eg. Security Baseline for Windows 10 and later

Fixes

• Import/Export

  • Fixed support for export/import App Configurations (Device) - Android between environments
    Based on Issue 255
    Thank you @jimmywinberg for all the testing!
  • Fixed support for export/import App Configurations (Device) - iOS (VPP) between environments
    Based on Issue 260
    Thank you @Arne-RFA for all the testing!
  • Added support for exporting Groups targeted in W365 assignments
    Based on Issue 261

• Added tooltip that variables are supported in the Export folder path
  Based on Discussions 269

• Documentation

  • App Configuration (Device) documentation updated
    Added support for value type for Android policies
    Please continue discussion on the Issue below if this is still not working
    Based on Issue 231
    This required some rewriting of the core documentation and an update to all output providers
    This will make it easier to add additional tables to the documentation in the future
  • Fixed issue with missing group name when exporting CSV
    Based on Issue 274
  • Fixed issue with Authentication Strength when documenting Conditional Access policies
  • Language files re-generated
  • ObjectInfo files re-generated. Some Android updates
  • ObjectCategory file re-generated

• Compare

  • Fixed issue with assignments on exported files when doing a Documentation compare
    The group name was not resolved from migration table file
    Based on Issue 274

• Authentication

  • Added setting to allow Sort Tenant List
    Based on Issue 265

3.9.7

New features

• Compare

  • Added support for automation with batch job
  • Added a new Compare provider - Intune Objects with Exported Files (Name)
    This will support comparison exported policies between environments
  • Added support for skipping missing source policies
  • Added support for skipping missing destination policies
    Based on Issue 203 and Issue 128

• Compliance

  • Added support for Compliance v2 policies eg Linx policies

Fixes

• Compare

  • Renamed default provider to "Exported Files with Intune Objects (Id)" from "Intune Objects with Exported Files"

• Generic

  • Fixed issue with domain names with special characters in Profile info
    Based on Issue 237
  • Lots of spelling and languag fixes in documentation, script and UI
    A huge thank you to @ee61r1 for doing all this!

• Import/Export

  • Added support for exporting script for MacOS Custom attribute
    Based on Issue 244

• Documentation

  • App Configuration (Device) documentation updated
    Initial support for Android
    Please continue discussion on the Issue below if this is still not working
    Based on Issue 231
  • Added support for documenting MacOS Custom attribute
    Based on Issue 244
  • Fixed issed when documenting Shell script. Code was not included
  • Language files re-generated
  • AppTypes file re-generated. Some apps were not documented with proper name

3.9.6

BREAKING CHANGE

Microsoft are decommissioning the Intune PowerShell App with id d1ddf0e4-d672-4dae-b554-9d5bdfd93547, mentioned here
This was the default app in IntuneManagement. The default app is now changed to Microsoft Graph PowerShell app with id 14d82eec-204b-4c2f-b7e8-296a70dab67e
The script will automatically use that app for new installations
A warning to change will be displayed if d1ddf0e4-d672-4dae-b554-9d5bdfd93547 is used
You can also register a new app, documented here and then configure that app in Settings

Note: This might require consent for the required permissions

There is no change if you are currently using a custom app or already changed to Microsoft Graph PowerShell in Settings

Also note that changing application will reset cached accounts

New features

• Compare
  • Added support for ignoring Basic properties and Assignments
    Based on Issue 203 and Issue 128
    NOTE: Properties will be logged but with empty value for Match

Fixes

• Compare

  • Fixed issue when comparing Settings Catalog settings with child settings eg Hardened UNC Paths in Security Baseline

• Import/Export

  • Added support for import of MSIX app content
    Based on Discussion 191
  • Disable autoload of modules to prevent loading MSGraph module if found
    Based on Issue 208

• Documentation

  • Language files re-generated.
  • AppTypes file re-generated. Some apps were not documented with proper name.

3.9.5

• Import/Export

  • Assignments were not exported for some policies with trailing . in the name
    Based on Issue 184
    NOTE: Policy will not export if full path is over 260 characters
  • Fixed issue with policies not being exported when Batch was enabled in Settings
    and there was only one policy for the specified object type
  • Failed to get App Protection policies when Proxy was configured
  • Fixed issue with importing policies with dependency in tenants with 100+ policies for a single policy type
    Dependency only imported first page. All pages will be imported now to resolve dependencies
    Based on Issue 183

• Fixed issue with multiple export folders when using %DateTime% in path
  Based on Issue 189

• Get Assignment Filter usage

  • Filters not returned if only assigned to one policy
    Based on Issue 141
    NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

• Compare

  • Comparing Settings Catalog objects with exported objects failed
    Issue cause by offline documentation was not working
    Based on Issue 183

• Documentation

  • Offline documentation of Settings Catalog was not working.
    Values were always documented from online object
  • Conditional Access documentation updates for Android and iOS
  • App Protection documentation updates for Android and iOS
  • Language files re-generated. Azure shou now be Entra for some documentations.

3.9.4

Fixes

• Get Assignment Filter usage

  • All policies that supports filter should now be collected
    Please create an issue if not all expected filters are listed
    Based on Issue 141
    NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

• Documentation

  • Added support for documenting Conditional Access policies based on Workloads
    Not 100% tested. Please report if not documented correctly

3.9.3

New features

• New tool - Get Assignment Filter usage

  • List all policies and assignments with a Filter defined
    Based on Issue 141
    NOTE: Start the tool from: Views -> Intune Tools -> Intune Filter Usage

• Batch Export of App Content Encryption Key from Intunewin files
  This script can export encryption keys from existing intunewin files
  Example:
  Export-EncrytionKeys -RootFolder C:\Intune\Packages -ExportFolder C:\Intune\Download
  This will export the encryption key information for each .intunewinfiles under C:\Intune\Packages
  One json file will be created (for each .intunwinfile) in the C:\Intune\Download folder
  File name will be <IntunewinFileBaseName>_<UnencryptedFileSize>.json
  Do NOT rename this file since the script will search for that file when downloading or exporting App content
  The script will not require authentication and it will have no knowledge of apps in Intune
  Filename and unencrypted file size is used as the identifier to match app content in Intune with encryption file
  Important notes:
  Exported and decrypted .intunewin files are not supported to use for import at the moment.
  These files are just the "zip" version of the source and can be unzipped with any zip extraction tool
  The .intunewin file used for import has the "zip" version of the file and an xml with the encryption information +
  additional file information eg. msi properties, file size etc.
  Use the exported unencrypted "zip" version to restore the original files. Re-run the packaging tool if it should be re-used as applications content

  Please report any issues or create a discussion if there are any questions
  Script is located: <RootFolder>\Scripts\Export-EncrytionKeys.ps1

Fixes

• Export

  • Fixed issue where Assignments were included in export even if 'Export Assignments' was unchecked
    Based on Issue 171

• Documentation

  • Fixed issue where filter was not documented on some policies
  • Fixed issue with Word Output provider if a policy only had one settings

• Custom ADMX Files

  • Fixed bug with migrating custom policies between environments. Cache was not cleared when swapping tenants or imported additional ADMX files
  • Fixed documentention issue with Administrative template policies in GCC environment. Name and Category was missing
    Based on Issue 174
  • Custom ADMX based policies was missing properties when swapping tenant
    Based on Issue 124

• Generic

  • Fixed logging issues when processing objects with a group that was deleted. ID was not reported
  • Generic Batch request function created to support other batch requests eg Groups

3.9.2

New features

• Application Content Export - Experimental

  • Added support for Exporting Appliction with decrypted content
    App file can be downloaded during export or from the detail view of the Application
    Enable "Save Encryption File" and specify "App download folder" in Settings
    "App download folder" is used for encryption file and manual download
    File content will be downloaded to the export foler during export
    Files will be downloaded with .encrypted extension and then decrypted to original file name
    Please report any issue or any suggestions
    NOTE: This will ONLY work if the encryption file is exported and available

• Authentication

  • Login with application
    This will login with specified Azure App ID and Secret/Certificate that is used for Batch processes
    NOTE: This will require a restart of the app
    Start with app must use -TenantID on command line. AppID and Secret/Certificate can be specified in Settings or command line
    Example: Start-IntuneManagement.ps1 -tenantId "<TenantID>" -appid "<AppID>" -secret "<Secret>"
    See Start-WithApp.cmd for samle file
    Based on Issue 122 and Issue 134

• Support for new Settings

  • Save encryption file - Saves a json file with encryption data when an application file is uploaded eg created or uploaded in details view
  • App download folder - Folder where application files should be downloaded and decrypted
  • Login with App in UI (Preview) - Use app batch login in UI
  • Use Graph 1.0 (Not Recommended) - Use Graph v1.0 instead of Beta. Note: Some features will NOT work in v1.0
    Based on Issue 170

Fixes

• Documentation

  • Language files re-generated eg Supersedence (preview) -> Supersedence
  • Added support for documenting "Filter for devices" info for Conditional Access policies
    Based on Issue 168

• Custom ADMX Files

  • Fixed issues with migrating custom policies between environments (3rd time)
    Based on Issue 124
  • Fixed issue when importing ADMX files - Encoding issue eg ADMX/ADML file was UTF8
    Based on Issue 169

• Importing Windows LoB Apps

  • Fixed issue when importing LoB Apps that was only targeted to System context
    Available Assignment option was missing after import
    Based on Discussion 164
  • Added support for Depnedency and Supersedence reations at import
    Application will need to be re-exported since additinal data is added to the export file
    Based on Discussion 159

• Generic

  • Fixed issue when compiling Procxy CS file
  • Tls 1.2 is now enforced.
    Based on Discussion 166

3.9.1

New features

• Added support for Windows Update Driver Policies

• Support for new Settings

  • Proxy configuration - If configured, Proxy will be used for authentication, APIs and upload
  • Disable Write-Error output - Skip PowerShell errors in output

Default Settings Value Changes

• Conditional Access policies will now be imported as Disabled by default
• New import option added: As Exported - Change On to Report-only
• This is to avoid being locked out from the tenant when importing Conditional Access policies
• Based on Discussion 139

Fixes

• Documentation

  • Fixed issues with some Feature Updates properties
  • Added missing strings on Windows Update polices
  • Regenerated Language files and Translation tables for Template policies
    Note: Conditional Access string has changed file in background. Please report if there is anything missing

• Custom ADMX Files

  • Fixed issues with migrating custom policies between environments
  • Case reopened due to something broke the initial functionality
  • Only custom ADMX policies with #Definition properties can be imported into a new environment
  • Based on Issue 124

• Scope Tags

  • Fixed issues with importing policies with Scope Tags but they were not set
  • Based on Issue 133

Generic

• Remove invalid characters from path.
• Based on Issue 150

3.9.0

3.9.0 - 2023-05-04

New features

• Added support for Authentication Context objects

  • These are used by Conditional Access policies
    Based on Issue 109

• Added support for Windows 365 Cloud PC settings

  • Based on Issue 125

• Added support for Export/Import Tennant Settings

  • This is added the Intune Info view for now (Views -> Intune Info)
    This means that there is no support for Bulk Import/Export. It must be done manually
    This is to minimize the risk of re-importing Tenant settings
    Based on Discussion 131

Fixes

• Documentation
  • Added full documentation of Requirement and Detection rules for Win Apps
    Based on Issue 119
  • Fixed issue were documentation could crash if Reusable Settings policies exists
    Based on Issue 123
  • Regenerated Language files and Translation tables for Template policies
• Intunwin File Upload
  • Fixed issue when uploading very large files
    Based on Issue 112
  • Fixed issue when IE not installed
• Compare
  • Fixed issue where Compare could generate an exception in the log
    Based on Issue 128
    Note: Issue 128 is only partially fixed. Compare needs a major update to fix the rest
• Import
  • Fixed an issue when creating Cloud groups based on on-prem groups without MigTable
  • Fixed an issue when importing groups with a space in the beginning
    Note: Inital spaces will be removed when importing groups
  • Fixed issue when importing Endpoint Status Page polices with applications defined
  • Fixed issue when importing Proactive Remediations (Health Scripts) with assignments
  • Fixed issue when importing a Conditional Policy with Session propery disableResilienceDefaults set to $false
  • Fixed issue when importing WiFi profiles. Support for multiple references was added eg multiple server verification certificates
    Based on Issue 114
  • Terms of Use was not visible in the menu
    Note: This might generate a Consent prompt if Use Default Permissions is not enabled
    Additional permission required on the Azure App: Agreement.ReadWrite.All

3.8.1

New features

• Added support for Reusable Settings objects

  • These are used by some of the Endpoint Security polices like Firewall rules
    Based on private request
    Note: No documentation support yet

• Added support for custom Authentication Strengths objects

  • These can be used in Conditional Access policies
    Based on Issue 109
    Note: Not all issues in 109 are fixed yet and no documentation support yet

• Export/Import

  • PowerShell files for Health Scripts exported to the Export folder
  • PowerShell files for Application Detection scripts are exported to the Export folder
    Both scripts exports are based on Issue 103

• Documentation

  • Documentation engine completely rewritten for Settings Catalog and had major updates for other object types
    Please create an issue if there are any problems
  • Added support for HTML output
  • MD output is now official with included support for CSS and single file Output.
    Based on Issue 35
  • Added support for indent on sub-properties so it will be visible that a property is set based on a parent
    Based on Discussion 90
  • Added option to skip assignments in the documentation
    Based on Issue 102
  • Moved some Output options to generic output settings; Document scripts and Remove script signature

• Generic

  • Added new property on applications, InstallerType. This can be added as a new column to the View for Applications.
    It specifies the New Microsoft Store App type; UWP or Win32
    Based on Issue 101
  • Added response information f an API call failed. The log should now have a better description on why an API failed.

Fixes

• Documentation

  • Lots of documentation issues fixed by the new Documentation engine
  • Sections and policies should now be in correct alphabetic order
    Based on Discussion 90
  • Fixed issues with assignments for Setting Catalog issues
    Based on Issue 102
  • Translation files re-generated
  • Fixed error message: "Invoke-WordTranslateColumnHeader is not recognized as the name of a cmdlet"
    Based on Issue 99

• Authentication

  • Fixed an issue when authentication to China Cloud
    Based on Issue 106