Intune Assignment Checker - Get All Assigned Policies, Profiles and Applications
Hello everyone, I published a script that will provide a detailed overview of assigned Intune Configuration Profiles, Compliance Policies, and Applications for user, groups and devices. I have also added a option that will list all Assignments to "All users" and "All devices". Download and Setup Guide: https://intuneassignmentchecker.ugurkoc.de/ I hope that this little script will be helpful for you 🙂 Best regards Ugur
MS Graph Device OS Reporting
On the Intune android device view, the OS is listed as ‘Android (fully managed)’ or ‘Android (corporate-owned work profile)’. The MS Graph command get-mgdevicemanagement just has ‘Android’ for the OS attribute. Using MS Graph, does anyone know how or where to get the ‘Android (corporate-owned work profile)’ value that shows in the device view?Microsoft Graph - List apps in chat - 404 UnknownError
In Microsoft Graph, I would like to list all Teams apps associated to an onlineMeeting (to its chat actually). According to List apps in chat - Microsoft Graph v1.0 | Microsoft Learn, this is supported with the following request : GET /chats/{chat-id}/installedApps There is a note saying that if the chat is associated with an onlineMeeting instance, then, effectively, the teamsApps installed in the meeting will be listed. That should work. However, I'm getting a 404 with UnknownError as the error.code on my end. The right permission (TeamsAppInstallation.ReadWriteForChat) is granted (Chat.ReadWrite is granted as well). Testing from Graph Explorer from now. Please note that the following is working to get chat messages with the same chat-id : GET /chats/{chat-id}/messages or the following to get chat members : GET /chats/{chat-id}/members I've tried the endpoint POST /chats/{chat-id}/installedApps to add an app to the chat as well but I'm getting the same kind of 404 (documented on Add app to chat - Microsoft Graph v1.0 | Microsoft Learn). Any advice? ThanksHow to deploy M365 Companion app through Intune
Hi All, I have a requirement of deploying M365 companion app to a few users in the company. However, when I tried with Win32 apps in Intune, it gets failed every time even though the scripts success manually. Does anyone know how to deploy M365 companion app from Intune? I have downloaded the app from below link and used the below command: https://learn.microsoft.com/en-us/microsoft-365-apps/companions/overview#set-up-the-companion-apps Echo OFF m365companionsetup.exe /quiet Thanks in advanced, Dilan
Graph API 1.0 - Listing lists doesn't return all lists (todoTaskList)
Hi, first time posting here, please let me know if I should be doing something differently! I've searched throughout the internet and couldn't find a reason for this. I've got a couple of users running into a problem where the https://learn.microsoft.com/en-us/graph/api/todo-list-lists?view=graph-rest-1.0&tabs=http endpoint only returns one list (Flagged Emails), though these users have and see many other lists in the To Do desktop (macOS) app. I've confirmed in both cases it's the same user that's identified in my app/integration and in the desktop app. They can see the tasks in that list without a problem. There are no errors requesting that list, and asking via `/users/{id|userPrincipalName}/todo/lists` also returns the same response (with that one list). Is there any known situation where this could be happening? Am I missing something obvious? Is there something else I should be trying? I've got many other customers using the To Do integration without a problem. I'm aware "My Day" and a few other special lists aren't returned. Thank you so much!Create bookingStaffMember also requires Add-MailboxPermission
I created an Entra application with the required Graph permissions to manage Bookings scheduling mailboxes so that I could update the staffing for a Bookings page that I'm not a staff member of. Using that application to request a Microsoft Graph access token, meant I had the required permissions to add a user account (that already had a Bookings license) as an "administrator" (role) for a Bookings page (Bookings business), to replace another person who was the previous Bookings page administrator, but who had since left. I used https://learn.microsoft.com/en-us/graph/api/bookingbusiness-post-staffmembers?view=graph-rest-1.0&tabs=powershell to do this. For the record, I was not able to do this using https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.bookings/new-mgbookingbusinessstaffmember?view=graph-powershell-1.0 using Microsoft.Graph.Bookings module version 2.30.0, presumably because I am not a staff member with the Bookings "administrator" role for that particular Bookings page. However, the newly added user could not access that Bookings page at https://outlook.office.com/bookings/homepage until a further step had been completed (Error: "You don't have access to this booking page" shows instead). To ensure the new Bookings page administrator could access the Bookings page, I needed to add mailbox permissions, which I used https://learn.microsoft.com/en-us/powershell/module/exchangepowershell/add-mailboxpermission?view=exchange-ps for. I found that giving the new Bookings page administrator full access to the scheduling mailbox ensured they could access the Bookings page. Example using ExchangeOnlineManagement PowerShell module: Add-MailboxPermission -Identity email address removed for privacy reasons -User email address removed for privacy reasons -AccessRights FullAccess If there is a more efficient way for an system admin to add new staff to a Bookings page, please let me know - otherwise, hopefully this helps someone who gets stuck 😊Expedite Install Status in Intune
Hi All, I was curious to know that is there anyway that we can expedite the install status in Intune. I have already tried running "sync" from Settings > Accounts > Access work or School and restart the "Microsoft Intune Management Extension" service. However, as per my experience it will take at least couple of hours to sync the status even after ran Sync from settings and restart the service. Therefore, I was wondering is there any way that we can do manually to get a install status ASAP. thanks in advance, DilanChange Teams Meeting Options (Who can bypass lobby) via Graph API
I would like to change the who can bypass lobby meeting options of teams meeting via power automate using graph api. So, I checked the meeting options via teams user interface like below first photo. Then I tried to apply this configuration on power automate via graph. So, I checked the documentation of Update Event for Teams meeting as recommended the link following: https://docs.microsoft.com/en-us/graph/api/onlinemeeting-update?view=graph-rest-1.0&tabs=http But there is not any options to restrict the user outside of my organization like the parameter "People in my organization" in the teams meeting options user interface for lobbybyPassSettings parameter. I checked how the lobbybypassSettings gets the value if the who can bypass lobby parameter has been set via teams meeting options user interface via powerautomate. It sets this parameter as "unknownFutureValue". But when I checked the documentation, Microsoft does't recommend this value to set."Insufficient privileges to complete the operation" when listing Planner tasks from Project
Hi, it's only my time posting here, please let me know if I should be doing something differently! I've searched throughout the internet and couldn't find a solution for this. I've got a user running into a problem where the `/me/planner/tasks`, `/planner/buckets/{bucketId}/tasks`, and `/planner/plans/{planId}/tasks` endpoints return a `Authorization_RequestDenied` error. Here's an example response: { "code": "Authorization_RequestDenied", "message": "Insufficient privileges to complete the operation.", "innerError": { "date": "2025-07-23T08:15:50", "request-id": "bd5f7056-a41d-439c-a0d7-d768cd82d1ea", "client-request-id": "362f376c-863e-0616-86f7-22c7c07c1352" } } While this happens for almost all of their groups and plans, it doesn't happen for one. The main difference between that which works and the other ones which don't is that all the ones that don't work were created in Microsoft Project (Platinum, I think?). The one that does was created in Planner. We can, however, list the proper plans and buckets, just not fetch the tasks. Is there any way around this? Is there some kind of special scope I should be asking for so the API calls work? Should I use the To Do API in some special way for this, instead? Thank you so much!
