Forum Discussion
Powershell extract TPM and Envryption Readiness information from Intune
Hi,
I'm trying to automate a report on Bitlocker coverage on Intune managed devices. I'm using Graph API to extract device information from Intune, querying this URL:
How can I extract this information over powershell?
Thanks
- tobiassandbergIron Contributor
Hi dmarquesgn, have you tried the excellent solution called Graph X-Ray (merill.net)? It will help you find which Powershell commands to use when using the Intune portal.
The answer I got from the addon was the following:Import-Module Microsoft.Graph.Beta.DeviceManagement.Actions $params = @{ select = @( "DeviceId" "DeviceName" "DeviceType" "OSVersion" "TpmSpecificationVersion" "EncryptionReadinessState" "EncryptionStatus" "UPN" ) filter = "" skip = 0 search = "" top = 50 } Get-MgBetaDeviceManagementReportEncryptionReportForDevice -BodyParameter $params
- dmarquesgnIron Contributor
tobiassandberg Thanks for the tip, I didn't knew it.
Abou the cmdlet "Get-MgBetaDeviceManagementReportEncryptionReportForDevice", is the only form of extracting the data to output it to a file? This way we need to then import it.
One other question, I'm exporting the results and import them into a variable with "Get-Content". When I look at the content, this seems a JSON, so I convert it using the option "ConvertFrom-Json" and then I get a PSCustomObject variable. But the format seems odd, as I can't access it's individual values like in an array.
Is there any option to import this directly as an array so I can parse it easily?
Thanks
- tobiassandbergIron Contributor
Thanks dmarquesgn!
With the recent changes to Intune’s reporting mechanism by Microsoft, the method you’re using is the only one I’m aware of to retrieve such information. Regrettably, this process generates a file rather than a direct output, necessitating the need to save it for subsequent processing. Docs are describing it here: Use Graph APIs to export Intune Reports | Microsoft Learn
Regarding your second question, try this and see if it helps you:# Assume that $jsonFilePath contains the path to your JSON file $jsonFilePath = "path_to_your_json_file.json" # Read the JSON file and convert it to a PowerShell object $json = Get-Content -Path $jsonFilePath -Raw | ConvertFrom-Json # Now $json is a PowerShell object that represents the JSON data # You can access its properties like this: $columns = $json.columns $values = $json.values # Now $columns is an array of column names and $values is an array of rows # You can access individual items in these arrays like this: $firstColumnName = $columns[0] $firstRow = $values[0] # Now $firstColumnName is the first column name and $firstRow is the first row # $firstRow is a PSCustomObject that represents a row, you can access its properties like this: $firstDeviceName = $firstRow.DeviceName