Configure profiles for user and devices - Manage devices in Intune using scripts Flashcards
What does the Intune management extension allow you to upload?
PowerShell scripts for Windows devices and shell scripts for macOS
What does the Intune management extension supplement?
Mobile device management (MDM) capabilities
What is one benefit of using the Intune management extension?
Easier transition to modern management
What can you create to run on devices using Intune?
Scripts that provide necessary capabilities
Fill in the blank: You can create a PowerShell script that installs a legacy _______ on your Windows devices.
Win32 app
After creating a PowerShell script, what is the next step to manage it?
Upload the script to Intune
To whom can you assign the uploaded script in Intune?
A Microsoft Entra group
What can you monitor regarding the script on Windows devices?
The run status of the script from start to finish
What are the 3 prerequisites for Intune management extension for Windows devices?
- Version 1607 or later
- Devices must be joined to Microsoft Entra ID, including Hybrid AD joined devices
- Automatic MDM enrollment must be enabled in Microsoft Entra ID
What are the 4 prerequisites for Intune management extension for macOS devices?
- version 10.12 or later
- Devices are managed by Intune
- Shell scripts begin with #! and must be in a valid location such as #!/bin/sh or #!/usr/bin/env zsh
- Command-line interpreters for the applicable shells are installed
What are the 4 steps to create a PowerShell script policy for Windows?
Step 1 : In the Microsoft Intune admin center, select Devices.
Step 2 : In the Policy section, select Scripts and select Add, then select Windows 10 and later.
Step 3 : Adding scripts is similar to the process for creating a profile. After adding a name and description, you’ll configure the Script settings.
In Script settings, enter the following properties:
* Script location : Browse to the PowerShell script. The script must be less than 200 KB (ASCII).
* Run this script using the logged on credentials : Select Yes to run the script with the user’s credentials on the device. Choose No (default) to run the script in the system context. Many administrators choose Yes. If the script is required to run in the system context, choose No.
* Enforce script signature check : Select Yes if the script must be signed by a trusted publisher. Select No (default) if there isn’t a requirement for the script to be signed.
* Run script in 64-bit PowerShell host : Select Yes to run the script in a 64-bit PowerShell host on a 64-bit client architecture. Select No (default) runs the script in a 32-bit PowerShell host.
Step 4 : Select Next and configure scope tags and assignments. Note that PowerShell scripts in Intune can be targeted to Microsoft Entra device security groups or Microsoft Entra user security groups.
What are the 2 steps to create a script policy for macOS?
Adding a script for the macOS uses the** same steps** creating a PowerShell script policy, selecting macOS after choosing Add.
The macOS script settings are slightly different.
Step 3 : In Script settings, enter the following properties:
* Upload script: Browse to the Shell script. The script must be less than 200 KB (ASCII).
* Run script as signed-in user: Select Yes to run the script with the user’s credentials on the device. Choose No (default) to run the script as the root user.
* Hide script notifications on devices: By default, script notifications are shown for each script that is run. End users see an IT is configuring your computer notification from Intune on macOS devices.
* Script frequency: Select how often the script is to be run. Choose Not configured (default) to run a script only once.
* Max number of times to retry if script fails: Select how many times the script should be run if it returns a non-zero exit code (zero, meaning success). Choose Not configured (default) to not retry when a script fails.
Step 4 : Select Next and configure scope tags and assignments. Note that shell scripts assigned to user groups apply to any user signing in to the Mac.
