smsagent.blog
  • docs.smsagent.blog
  • Custom Reporting in Microsoft Intune
    • Delivery Optimization Report
    • Windows Update for Business Custom Reporting
      • Power BI Report Walkthrough
      • Known issues / limitations
      • Change log
      • Deploy the solution
        • Create Azure Resources
        • Configure Azure Resources
        • Deploy the client-side script
        • Deploy the Azure automation runbooks
        • Configure the Power BI report
      • Adding additional language support
      • Table schema reference
    • Automating Data Exports from Microsoft Graph
      • Azure Automation account
        • Create / configure an Azure automation account
        • Grant API permissions
        • Create an Azure automation runbook
      • Azure Storage account
      • Automate Data Export to Azure Storage Account
      • Automate Data Export to Azure Monitor Logs
      • Creating / Troubleshooting Runbooks
      • Power BI
        • Connect Power BI to an Azure storage account data source
        • Connect Power BI to an Azure log analytics workspace as a data source
    • Managed Devices Report
      • Create / configure an Azure automation account
      • Grant API permissions
      • Create / configure an Azure storage account
      • Create an Azure automation runbook
      • Create a PowerBI report
      • MEM Managed Device Report template
      • Bonus! Unhealthy MEMCM Clients email report
    • Intune Assignments Report
      • Create / configure an Azure automation account
      • Grant API permissions
      • Create / configure an Azure storage account
      • Create an Azure automation runbook
      • Create a Power BI report
      • Change log
    • Patch My PC Report
      • A look at the Power BI reports
      • Change log
      • Video guides
      • Things to know
      • Create / configure an Azure automation account
      • Grant API permissions
      • Create / configure an Azure storage account
      • Create an Azure automation runbook
      • Create the Power BI report
      • Feedback
    • Windows 11 Hardware Readiness Report
    • Gathering Custom Inventory with Intune
      • Set up the Azure Resources
      • Create a Proactive remediations script package
      • Create a runbook
  • PowerShell Scripts Online Help
    • Get-AzSubscriptionActivityLog
  • Azure Solutions
    • Automated Azure Table Storage Backups
      • Change log
      • Deploy the solution
        • Create the Azure resources
        • Set the backup schedule
        • Add storage tables to the backup
        • Add role assignments to the storage account/s
        • Create a lifecycle management rule
      • Run a manual backup
      • Restore a backup
Powered by GitBook
On this page
  • Create the script package
  • View the output

Was this helpful?

  1. Custom Reporting in Microsoft Intune
  2. Gathering Custom Inventory with Intune

Create a Proactive remediations script package

PreviousSet up the Azure ResourcesNextCreate a runbook

Last updated 3 years ago

Was this helpful?

In this simple example, we'll create a script package in Proactive remediations in the MEM portal which will report on whether a device is pending a restart from software updates.

Create the script package

In the MEM portal, navigate to Reports > Endpoint Analytics > Proactive remediations

Click Create script package and give it a name and description

Download the following script, then on the Settings page in the script package upload it as the Detection script file. There is no need to add a remediation script. Run the script in 64-bit PowerShell.

Have a read of the script so you understand how it works. You can use it as a starting point for your own scripts. The key things are that the inventoried data is outputted as key-value pairs in JSON format and that the output is not longer than the permitted length.

Add a scope tag if you need to.

On the Assignments page add an assignment and set the schedule.

Don't run the script more frequently than necessary. If the data you are inventorying doesn't change often, don't inventory it often. Also consider how often you will be exporting the data - if that's once per day, for example, a daily schedule on the PR should suffice.

Click Create.

View the output

Once some of your targeted devices have run the script, you can view the output in the MEM portal and verify that it's good.

In Proactive remediations, click on the script package you created and view the Device status report.

To view the output, click Columns and select at least the Pre-remediation detection output column.

In that column, click Review to see the output.

Note that the output is in JSON format - this makes it easy for the automation runbook to use the data.

https://github.com/SMSAgentSoftware/MEM/blob/main/Custom%20Inventory%20with%20Proactive%20Remediations/-Inventory-Software%20Updates.ps1
###################################################

## INVENTORY: SOFTWARE UPDATES SCHEDULED RESTART ##

###################################################



# Reboot required

If (Test-Path 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\RebootRequired')

{

    $RebootRequired = "True"

}

else 

{

    $RebootRequired = "False"

}



# Other locations to check for restart pending

# HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Orchestrator\RebootRequired

# HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\StateVariables | RebootRequired | 1



# ScheduledRebootTime

$RegScheduledReboot = Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\StateVariables -Name ScheduledRebootTime -ErrorAction SilentlyContinue | Select -ExpandProperty ScheduledRebootTime

If ($RegScheduledReboot)

{

    $ScheduledRebootTime = [DateTime]::FromFileTimeUtc($RegScheduledReboot) | Get-Date -format "yyyy-MM-ddTHH:mm:ssZ"

}

else 

{

    $ScheduledRebootTime = $null

}



# EngageReminderLastShownTime

$RegEngagedReminder = Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name EngageReminderLastShownTime -ErrorAction SilentlyContinue | Select -ExpandProperty EngageReminderLastShownTime

If ($RegEngagedReminder)

{

    $EngagedReminder = $RegEngagedReminder

}

else 

{

    $EngagedReminder = $null

}



# PendingRebootStartTime

$RegPendingRebootTime = Get-ItemProperty -Path HKLM:\SOFTWARE\Microsoft\WindowsUpdate\UX\Settings -Name PendingRebootStartTime -ErrorAction SilentlyContinue | Select -ExpandProperty PendingRebootStartTime

If ($RegPendingRebootTime)

{

    $PendingRebootTime = $RegPendingRebootTime

}

else 

{

    $PendingRebootTime = $null

}



# Prepare the hash

$SoftwareUpdatesHash = @{

    SU_RebootRequired = $RebootRequired

    SU_ScheduledRebootTime = $ScheduledRebootTime

    SU_EngageReminderLastShownTime = $EngagedReminder

    SU_PendingRebootStartTime = $PendingRebootTime

}



# Convert to JSON and output

$SoftwareUpdatesJson = $SoftwareUpdatesHash | ConvertTo-Json -Compress

If ($SoftwareUpdatesJson.Length -gt 2048)

{

    Write-Output "Output is longer than the permitted length of 2048 characters."

    Exit 1

}

Else 

{

    Write-Output $SoftwareUpdatesJson

    Exit 0

}