This came from a requirement to ensure that all devices in Intune had a configuration policy assigned to them. I noticed it was possible in the GUI to get a list of all your devices then if you select them it will show you the configuration policies however this has 2 flaws:
First there was no way to bulk export this data for all devices. You can export all devices which gives their names etc but this skips the configuration profiles
Also configuration policies do not appear on the devices configuration policies tab until the device unless the device has actually checked in recently. For us this was an issue as we use dynamic group for devices and we may slowly roll them out through the year so unless the device is in a users hands its hard to confirm it has the correct policies assigned before we issue it.
This script uses an export of your devices in Intune. You’ll need to do this step manually by going to the all devices page then clicking export. This gives you the flexibility to apply filters to the specific device types you want to query.
With this file in hand use it as the input in the following script to get Intune Configuration Policies assigned to devices
One thing to note about this script (which I have also added as comments) is that if you execute this from VSCode it will show the open/save dialog behind the main VSCode window so it will look like the script isn’t doing anything
https://github.com/SysadminPaul/Scripts/blob/main/Intune/Get-DeviceConfigPolicies.ps1
Leave a Reply