Init Go-IntuneWin32App-Bulk.ps1

Signed-off-by: Georg Pfuetzenreuter <georg@lyergic.dev>
2021-11-10 17:16:11 +01:00 · 2021-11-10 17:16:11 +01:00 · f7b9c8b0b1
commit f7b9c8b0b1
parent 463613998d
1 changed files with 164 additions and 0 deletions
--- a/Go-IntuneWin32App-Bulk.ps1
+++ b/Go-IntuneWin32App-Bulk.ps1
@ -0,0 +1,164 @@
+###
+# Creeated: 03/11/2021 - georg@lysergic.dev
+# Modified: 09/11/2021 - georg@lysergic.dev - Added Intune API based app upload/creation
+# Modified: 10/11/2021 - georg@lysergic.dev - Added Intune API based app assignment
+# Modified: 10/11/2021 - georg@lysergic.dev - Added Retry block to catch notPublished assignment errors
+# 
+# Required structure:
+# ..\Packages - Sources
+# ..\Intune - Intune Output
+# ..\Meta - Package specific configuration (version, architecture and detection method)
+# ./IntuneWinAppUtil.exe - Tool
+# ./ServiceUI.exe - System context wrapper
+#
+# Other prerequesites:
+# $ Connect-MSIntuneGraph -TenantID <customer>.onmicrosoft.com -ClientID <API Application ID> -Verbose
+# Tip: utilize ./connect-<customer>.ps1 if available
+###
+
+# to-do: move GroupID into a config file. allow for multiple groups.
+$GroupID = "<DEVEL USER ASSIGNMENT GROUP>"
+
+# Create IntuneWin blackbox files:
+Write-Host "`nBulk Action 1/2: " -ForegroundColor White -BackgroundColor Blue
+Write-Host "Processing of .intunewin files started ...`n"
+$init_name = "ServiceUI"
+$init_suffix = "exe"
+foreach ($app in Get-ChildItem ..\Packages\) {
+    Copy-Item .\ServiceUI.exe ..\Packages\$app\
+    $basedir = "..\Intune"
+    $outdir = "$basedir\$app"
+    If (!(test-path $basedir\$app.intunewin)) {
+        New-Item -ItemType Directory -Force -Path $outdir
+        .\IntuneWinAppUtil.exe -c "..\Packages\$app" -s "$init_name.$init_suffix" -o "$outdir"
+        Move-Item $outdir\$init_name.intunewin $basedir\$app.intunewin
+        Remove-Item $outdir
+    } else {
+        Write-Host "Skipping IntuneWin creation: " -ForegroundColor Yellow -NoNewline
+        Write-Host "An intunewin file for $app already exists."
+    }
+}
+
+# Create Win32App objects in Intune and Upload the IntuneWin files we created above:
+Write-Host "`nBulk Action 2/2: " -ForegroundColor White -BackgroundColor Blue
+Write-Host "Processing of Intune Win32App objects started ...`n"
+foreach ($IntuneFile in Get-ChildItem ..\Intune\) {
+    $Version = $null
+    $Architecture = $null
+    $ProductCode = $null
+    $DetectionScriptFile = $null
+    $Key = $null
+    $ValueName = $null
+    $ValueContent = $null
+    $Operator = $null  
+
+    $IntuneWinPath = "..\Intune\$IntuneFile"
+    $IntuneWinFile = "$IntuneFile"
+    $DisplayNameConstruct = $IntuneWinFile.Replace("_"," ").Replace(".intunewin","")
+    $app = $IntuneWinFile.Replace(".intunewin","")
+    $DisplayName = "MEM - $DisplayNameConstruct"
+    
+    $Win32App = Get-IntuneWin32App -DisplayName "$DisplayName"
+    If ($Win32App) {
+        Write-Host "Skipping Win32App creation: " -ForegroundColor Yellow -NoNewline
+        Write-Host "$DisplayName might already exist in Intune."
+    } else {
+        Write-Host "Creating and uploading Win32App: " -ForegroundColor Blue -NoNewline
+        Write-Host "$DisplayName"
+        If (Test-Path -Path ..\Meta\$app) {
+            Get-Content ..\Meta\$app | Where-Object {$_.length -gt 0} | Where-Object {!$_.StartsWith("#")} | ForEach-Object {
+                $var = $_.Split('=',2).Trim()
+                Set-Variable -Scope Script -Name $var[0] -Value $var[1]
+            }
+            switch ($DetectionMethod) {
+                msi { $DetectionRule = New-IntuneWin32AppDetectionRuleMSI -ProductCode "$ProductCode" }
+                script { $DetectionRule = New-IntuneWin32AppDetectionRuleScript -ScriptFile $DetectionScriptFile -EnforceSignatureCheck $false -RunAs32Bit $false }
+                registry-integer { $DetectionRule = New-IntuneWin32AppDetectionRuleRegistry -KeyPath "$Key" -ValueName "$ValueName" -IntegerComparison -IntegerComparisonOperator "$Operator" -IntegerComparisonValue "$ValueContent" }
+                file { $DetectionRule = New-IntuneWin32AppDetectionRuleFile -FileOrFolder file -Path "$FilePath" -DetectionType exists -Existence }
+                default { Write-Host "Error: " -ForegroundColor Red -NoNewline
+                        Write-Host "Broken metafile or invalid DetectionMethod. Aborting further processing."
+                        Exit 1 }
+            }
+            $InstallCommandLine = "ServiceUI.exe -process:explorer.exe `"Deploy-Application.exe`""
+            $UninstallCommandLine = "ServiceUI.exe -process:explorer.exe `"Deploy-Application.exe -DeploymentType Uninstall`""
+            $IntuneDescription = "$DisplayNameConstruct $Version $Architecture"
+            $IntuneDisplayName = "$DisplayName $Version"
+            If (test-path ..\Logos\$app.png) {
+                $ImageFile = "..\Logos\$app.png"
+                $Icon = New-IntuneWin32AppIcon -FilePath (Resolve-Path $ImageFile)
+                Add-IntuneWin32App -FilePath (Resolve-Path $IntuneWinPath) -DisplayName $IntuneDisplayName -Description $IntuneDescription -Publisher "Atos" -InstallExperience "system" -RestartBehavior "suppress" -DetectionRule $DetectionRule -InstallCommandLine $InstallCommandLine -UninstallCommandLine $UninstallCommandLine -Icon $Icon
+            } ElseIf (test-path ..\Logos\$app.jpg) {
+                $ImageFile = "..\Logos\$app.jpg"
+                $Icon = New-IntuneWin32AppIcon -FilePath (Resolve-Path $ImageFile)
+                Add-IntuneWin32App -FilePath (Resolve-Path $IntuneWinPath) -DisplayName $IntuneDisplayName -Description $IntuneDescription -Publisher "Atos" -InstallExperience "system" -RestartBehavior "suppress" -DetectionRule $DetectionRule -InstallCommandLine $InstallCommandLine -UninstallCommandLine $UninstallCommandLine -Icon $Icon
+            } ElseIf (test-path ..\Logos\$app.jpeg) {
+                $ImageFile = "..\Logos\$app.jpeg"
+                $Icon = New-IntuneWin32AppIcon -FilePath (Resolve-Path $ImageFile)
+                Add-IntuneWin32App -FilePath (Resolve-Path $IntuneWinPath) -DisplayName $IntuneDisplayName -Description $IntuneDescription -Publisher "Atos" -InstallExperience "system" -RestartBehavior "suppress" -DetectionRule $DetectionRule -InstallCommandLine $InstallCommandLine -UninstallCommandLine $UninstallCommandLine -Icon $Icon
+            } else {
+                Add-IntuneWin32App -FilePath (Resolve-Path $IntuneWinPath) -DisplayName $IntuneDisplayName -Description $IntuneDescription -Publisher "Atos" -InstallExperience "system" -RestartBehavior "suppress" -DetectionRule $DetectionRule -InstallCommandLine $InstallCommandLine -UninstallCommandLine $UninstallCommandLine
+            }
+        } else {
+            Write-Host "Skipping Win32App creation: " -ForegroundColor Yellow -NoNewline
+            Write-Host "I couldn't find a metafile at ..\Meta\$app."
+        }
+    }
+
+    # If the app output was empty earlier, it should now contain a freshly created app:
+    If (!($Win32App)) {
+        $Win32App = Get-IntuneWin32App -DisplayName "$DisplayName"
+    }
+
+    # Assign the app to our user group, if it is not assigned already:
+    $Win32AppAssignment = Get-IntuneWin32AppAssignment -ID $Win32App.id
+ 
+    If ($Win32AppAssignment) {
+        Write-Host "Skipping Assignment: " -ForegroundColor Yellow -NoNewline
+        Write-Host "$DisplayName seems to be assigned already."
+    } Else {
+        Add-IntuneWin32AppAssignmentGroup -Include -ID $Win32App.id -GroupID $GroupID -Intent "available" -Notification "hideAll"
+    }
+
+    $AssignmentLoop = $false
+    $AssignmentTries = "3"
+    [int]$AssignmentRetryCount = "0"
+    do {
+        $AssignmentRetryCount = $AssignmentRetryCount + 1
+        try {
+            If ($Win32App.publishingState -eq 'notPublished') {
+                Write-Host "Warning: " -ForegroundColor Yellow -NoNewline
+                Write-Host "$DisplayName is not marked as `"published`" yet!"
+                $AssignmentLoop = $false
+                throw "1"
+            } ElseIf ($Win32App.publishingState -eq 'published') {
+                Write-Host "OK: " -ForegroundColor Green -NoNewline
+                Write-Host "Finished processing of $DisplayName."
+                $AssignmentLoop = $true
+            } Else {
+                Write-Host "Error: " -ForegroundColor Red -NoNewline
+                Write-Host "Processing of $DisplayName failed. Unhandled publishingState. You should debug this."
+                $AssignmentLoop = $false
+            }
+        } catch {
+                If ($AssignmentRetryCount -ge $AssignmentTries) {
+                    Write-Host "Error: " -ForegroundColor Red -NoNewline
+                    Write-Host "Failed to aquire `"published`" state. Stopping further processing of $DisplayName."
+                    Write-Host "You might need to run this script again in a few minutes for the assignment to push. " -NoNewline
+                    Write-Host "If you already run this script twice and it still doesn't work, please delete the app from Intune before trying it again - consider using the following command:"
+                    Write-Host "`` Remove-IntuneWin32App -ID"$Win32App.id"`` `nGood luck!"
+                    $AssignmentLoop = $true
+                    #throw $_.Exception
+                } Else {
+                    #Write-Host "Warning: " -ForegroundColor Yellow -NoNewline
+                    #Write-Host "Failed to aquire `"published`" state. Trying again in 20 seconds ..."
+                    Write-Host "Trying again in 20 seconds - " -NoNewline
+                    Write-Host "This was attempt $AssignmentRetryCount out of $AssignmentTries..."
+                    Start-Sleep -Seconds 20
+                    $Win32App = Get-IntuneWin32App -DisplayName "$DisplayName"
+                }
+            }
+        }
+        while ($AssignmentLoop -eq $false)
+    Write-Host "`n"
+}
+# EOF