PowerShell script to change font of office apps
Hi, We are using Microsoft 365 for Enterprise for delivery office apps to users via Microsoft Intune. Currently the default font for all office apps is Calibri and now users want that it should change to Arial, 11 font. Is there a way in Powershell to make that change. I have been suggested ways to do it with .net objects or Interop. Can someone please share a sample PowerShell script or a full script to make that change. Thanks, Ashish Arya
Windows 11 assigned access - setting kiosk mode over powershell and WMI
Hey guys, so currently as this article states, kiosk multi app mode in Intune for windows 11 is on the roadmap, but there is no ETA, when it comes live. https://techcommunity.microsoft.com/t5/windows-it-pro-blog/multi-app-kiosk-mode-now-available-in-windows-11/ba-p/3845558 I then tried as this article shows (https://learn.microsoft.com/en-us/windows/configuration/lock-down-windows-11-to-specific-apps to run the stated powershell script with my own configured XML file, as you can see here: $nameSpaceName="root\cimv2\mdm\dmmap" $className="MDM_AssignedAccess" $obj = Get-CimInstance -Namespace $namespaceName -ClassName $className Add-Type -AssemblyName System.Web $obj.Configuration = [System.Web.HttpUtility]::HtmlEncode (@" <?xml version="1.0" encoding="utf-8" ?> <AssignedAccessConfiguration xmlns="http://schemas.microsoft.com/AssignedAccess/2017/config" xmlns:win11="http://schemas.microsoft.com/AssignedAccess/2022/config"> <Profiles> <Profile Id="dca70007-6874-49b3-930f-26ead1d85918"> <AllAppsList> <AllowedApps> <App AppUserModelId="Citrix.Workspace" rs5:AutoLaunch="true"> <App AppUserModelId="MSEdge" /> <App AppUserModelId="Microsoft.WindowsCalculator_8wekyb3d8bbwe!App" /> <App AppUserModelId="Microsoft.Windows.Explorer" /> </AllowedApps> </AllAppsList> <win11:StartPins> <![CDATA[ {"pinnedList": [ {"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Citrix Workspace.lnk"}, {"desktopAppLink":"%ALLUSERSPROFILE%\\Microsoft\\Windows\\Start Menu\\Programs\\Microsoft Edge.lnk"}, {"packagedAppId":"windows.immersivecontrolpanel_cw5n1h2txyewy!microsoft.windows.immersivecontrolpanel"}, {"desktopAppLink":"%APPDATA%\\Microsoft\\Windows\\Start Menu\\Programs\\File Explorer.lnk"}, {"packagedAppId":"Microsoft.WindowsCalculator_8wekyb3d8bbwe!App"} ]} ]]> <win11:StartPins/> <Taskbar ShowTaskbar="true"/><Taskbar/> </Profile> </Profiles> <Configs> <Config> <AutoLogonAccount/> <DefaultProfile Id="{c374b80f-6aea-4c02-b1db-7bb1dfc4fe84}"/> </Config> </Configs> </AssignedAccessConfiguration> "@) Set-CimInstance -CimInstance $obj but im getting following errors: Get-CimInstance: C:\Users\michael.woerner\GitHub-Repo\Github_Work\Intune\Scripts\Kiosk-XML-WMI.ps1:3:8 Line | 3 | $obj = Get-CimInstance -Namespace $namespaceName -ClassName $classNam … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Zugriff verweigert. InvalidOperation: C:\Users\michael.woerner\GitHub-Repo\Github_Work\Intune\Scripts\Kiosk-XML-WMI.ps1:5:1 Line | 5 | $obj.Configuration = [System.Web.HttpUtility]::HtmlEncode | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | The property 'Configuration' cannot be found on this object. Verify that the property exists and can be set. Set-CimInstance: C:\Users\michael.woerner\GitHub-Repo\Github_Work\Intune\Scripts\Kiosk-XML-WMI.ps1:44:30 Line | 44 | Set-CimInstance -CimInstance $obj | ~~~~ | Cannot bind argument to parameter 'InputObject' because it is null. Can you guys help me with that?Deploying Desktop Wallpaper script in Azure Active Directory-Joined Windows 10 Pro devices
I followed the script alternative described in https://msendpointmgr.com/2021/02/02/manage-desktop-wallpaper-with-microsoft-intune And I would like some assistance in regards to my client’s failure to take ownership message prompted. I have pushed this script, but I am getting log errors. I think it is important to notice this Win10 Pro (19042.1052) client’s are all Azure Active Directory Joined and managed through the Microsoft Endpoint Manager and with Windows Defender turned on. There are no local accounts in the devices. I noticed that I needed to change the Administrator and User security groups to match the local language (Spanish MX). I do not know if there are other language groups to be changed in the script, or If I am missing out other reasons that could be preventing the for the taking ownership command to execute correctly. I tried to run the script by logging in physically in one device and permissions are requested in a prompt window. Images downloaded and stored but it is not replacing. Thanks!
Powershell Script when installing MSI and MSP together
Hi, I'm doing an Intune packaging where I have below PowerShell Script when installing MSI and MSP together, however, it installs only msi wondering if something is wrong why MSP is not installing. $InstallDir = "C:\Program Files\" $shortcuts = "1" $reference = "TRIM" #We can automate and control based on installed features on the pc $word = "1" $excel = "1" $powerpoint = "1" $outlook = "1" $project = "0" $date = ((get-date).ToUniversalTime()).ToString("yyyyMMddThhmmssZ") $logPath = "C:\TEMP" $CMlog = $logPath+"\CM_Install_$date.log" $patchlog = $logPath+"\CM_Patch_Install_$date.log" New-Item -ItemType Directory -Force -Path $logPath | Out-Null $cmArg = '/i "'+"$PSScriptRoot"+'\'+'CM_Client_x64.msi" /qn /norestart /l*v "'+"$CMlog"+'" INSTALLDIR="'+"$InstallDir"+'" TRIM_DSK="'+"$shortcuts"+'" TRIMREF="'+"$reference"+'" WORD_ON="'+"$word"+'" EXCEL_ON="'+"$excel"+'" POWERPOINT_ON="'+"$powerpoint"+'" OUTLOOK_ON="'+"$outlook"+'" PROJECT_ON="'+"$project"+'"' Start-Process "msiexec.exe" -Wait -ArgumentList $cmArg $patchArg = '/i "'+"$PSScriptRoot"+'\'+'CM_Patch1.msp" /qn /norestart /l*v "'+"$Patch1log"+'"' Start-Process $file -Wait -ArgumentList $patchArg $patchArg = '/i "'+"$PSScriptRoot"+'\'+'CM_Patch1H41.msp" /qn /norestart /l*v "'+"$Hotfixlog"+'"' Start-Process $file -Wait -ArgumentList $patchArgQuestion: Script to see if device is Azure AD joined
We often receive notebooks that are still joined to a Azure AD tenant. Is there a (simple) Powershell script that shows if a device is still joined to a tenant? Knowing which exact tenant the device is registered to is a nice-to-have but not required. FYI, we already tried the cmd command 'dsregcmd' but unfortunately the output was not reliable. We found multiple occasions where dsregcmd claimed the device was not Azure AD joined while it definitely was.
