Proactive Remediations is a part of the new Microsoft Endpoint Manager feature Endpoint Analytics. Proactive Remediations allows you to detect and fix common support issues on a user’s device. It also allows you to schedule scripts to run on all your devices at a certain time (hourly or daily) or to run once. Did I say schedule script runs on Windows? Yes I did.

Proactive Remediations is truly a great new feature in the Modern Management space. It allows us to be inventive and proactive in maintaining our clients. If you currently have your support scripts or configuration items in Configuration Manager, this is the feature that allows you to move this functionality to the cloud.

Each package should have a detection script and a remediation script. The remediation script is not required, but leaving it out defeats the purpose unless you are just looking for some reports on a specific setting or configuration of your devices.

Proactive Remediations uses the Intune Management Extension to run the scripts on the device, like you already can do today using PowerShell script assignments in Intune. The difference is that now we have scheduling and also reporting on the specific case we want to fix.

- Devices must be enrolled into Endpoint Analytics (see here for Intune).
- Devices must be Azure AD joined or Hybrid AD joined.
- Windows 10 Enterprise or Education device that is managed by Intune. Microsoft Docs says Pro is OK, but right now Windows 10 Pro devices can’t be enrolled into Endpoint Analytics.
- Proactive Remediations also requires the licensing for Endpoint Analytics and one of these licenses for enrolled devices:
  - Windows 10 Enterprise E3 or E5 (included in Microsoft 365 F3, E3, or E5).
  - Windows 10 Education A3 or A5 (included in Microsoft 365 A3 or A5).
  - Windows Virtual Desktop Access E3 or E5.
- The PowerShell execution policy can’t be set to Restricted or AllSigned.

To find proactive remediations go to -> Reports -> Endpoint Analytics (Preview) -> Proactive Remediations

There are 2 built-in script packages for you to get started, but let’s go through how we can create a simple script package ourselves. I have created a proactive remediation package that will check for computer uptime and tell the user to reboot if the device has not rebooted in 7 days.

Detection Script

Let’s start with the detection script:

```powershell
$Uptime = Get-ComputerInfo | Select-Object OSUptime
Write-Output "Device has not rebootet on $($) days, notify user to reboot"
Write-Output "Device has rebootet $($) days ago, all good"
```

When the detection script returns exit code 1, it tells Proactive Remediations to run the remediation script. If the exit code is 0, the status is OK and the remediation script will not run. If you just want a remediation to run on all machines regardless of detection, you can create a detection script that returns Exit 1; the remediation script will run and you will have the status in the console. Also, the Write-Output here is something you should always have, as this will show up in the Intune console.

In the remediation script we will call a Toast Notification to notify the user that a reboot is needed. This notification is deeply inspired by Martin Bengtson’s Toast notification solution. Also here, mind your exit codes and Write-Output to get a nice report in the Endpoint Manager portal. If you want to add an actual reboot to an action button on the Toast, look into Martin’s blogs about this and install his Protocol extension solution.

```powershell
# Load the notification into the required format
$ToastXML = New-Object -TypeName Windows.Data.Xml.Dom.XmlDocument
[Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($App).Show($ToastXml)
Write-Output 'Something went wrong when displaying the toast notification'
Write-Output 'Make sure the script is running as the logged on user'

$LogoImage = "$env:TEMP\ToastLogoImage.png"
$HeroImage = "$env:TEMP\ToastHeroImage.png"
Invoke-WebRequest -Uri $LogoImageUri -OutFile $LogoImage
Invoke-WebRequest -Uri $HeroImageUri -OutFile $HeroImage

# Defining the Toast notification settings
$HeaderText = "Computer Restart is needed!"
$TitleText = "Your device has not performed a reboot the last $($) days"
$BodyText1 = "For performance and stability reasons we suggest a reboot at least once a week."
$BodyText2 = "Please save your work and restart your device today."

# Check for required entries in registry for when using Powershell as application for the toast
# Register the AppID in the registry for use with the Action Center, if required
$RegPath = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings'
$App = '\WindowsPowerShell\v1.0\powershell.
```
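The detection script's exit-code contract described in this post, written out as an added example (it is not the author's script). It reads the last boot time through CIM and uses the 7-day threshold from the post; the variable names and the choice to report a failed query as compliant are assumptions.

```powershell
# Added example: detection script for a Proactive Remediations package.
# Assumption: threshold of 7 days, as stated in the post.
$MaxUptimeDays = 7

try {
    # Get-CimInstance returns LastBootUpTime as a [datetime].
    # With Fast Startup enabled, shutting down and powering on does not
    # reset this value; a restart does.
    $Os = Get-CimInstance -ClassName Win32_OperatingSystem -ErrorAction Stop
    $UptimeDays = ((Get-Date) - $Os.LastBootUpTime).Days
}
catch {
    # Assumption: if uptime cannot be read, do not nag the user.
    # The message still shows up in the console report.
    Write-Output "Could not read last boot time: $($_.Exception.Message)"
    exit 0
}

if ($UptimeDays -ge $MaxUptimeDays) {
    # Exit code 1: not compliant, the remediation script will run
    Write-Output "Device has not rebooted in $UptimeDays days, notify user to reboot"
    exit 1
}

# Exit code 0: status OK, the remediation script will not run
Write-Output "Device rebooted $UptimeDays days ago, all good"
exit 0
```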