Automated filter rule update in Intune

Automated filter population in Intune

If you have read the article ā€œPhased deploymentā€ you should have asked yourself what if I need to automate this filter update process.

Unfortunately, there’s nothing to automate in the Microsoft Intune Admin Center portal. However, if you’re interested in leveraging PowerShell AzureAD and MsGraph module you can accomplish it by following the steps below:

  1. Connect to AzureAd
  2. Connect to MsGraph
  3. Retrieve all members from the filter you’re using as an exclusion list
    1. Back it up
  4. Retrieve all members from CrowdStrike Install Phase 2 (sec. group)
    1. Save a list to a CSV or text file as member history
  5. Make sure CrowdStrike Install Phase 2 (sec. group) members will always overwrite the existing list
    1. Work on the JSON format to PATCH the specific filter using graph API
  6. Update this filter “rule” parameters with the new DEVICES list

Additional steps

In case you have an automation tool, import this script to your tool and track only its events from there.

In our environment, we have Puppet automating this task.

Be aware that there’s a region 00 – default in the code referring to the current location.

I always the same folder structure in the DEV environment c:\temp\YYYY\MM\DD\ to work at and save all logs, backup files, and results.

Cheers,

Thiago Beier

Github

One thought on “Automated filter rule update in Intune

Comments are closed.