IntuneBackupAndRestoreSP

4.0

Public/Invoke-IntuneBackupDeviceManagementScriptSP.ps1

                                function Invoke-IntuneBackupDeviceManagementScriptSP {

    <#

    .SYNOPSIS

    Backup Intune Device Management Scripts

    .DESCRIPTION

    Backup Intune Device Management Scripts as JSON files per Device Management Script to the specified Path.

    .PARAMETER Path

    Path to store backup files

    .EXAMPLE

    Invoke-IntuneBackupDeviceManagementScript -Path "C:\temp"

    #>

    [CmdletBinding()]

    param(

        [Parameter(Mandatory = $true)]

        [string]$Path,

        [Parameter(Mandatory = $false)]

        [ValidateSet("v1.0", "Beta")]

        [string]$ApiVersion = "Beta"

    )

    # Ensure the Microsoft Graph module is installed and imported

    if (-not (Get-Module -Name Microsoft.Graph -ListAvailable)) {

        Install-Module -Name Microsoft.Graph -Scope CurrentUser -Force

    }

    Import-Module Microsoft.Graph.DeviceManagement

    # Connect to Microsoft Graph if not already connected

    if (-not (Get-MgUser -UserId me -ErrorAction SilentlyContinue)) {

        Connect-MgGraph -Scopes "DeviceManagementApps.Read.All","DeviceManagementApps.ReadWrite.All","DeviceManagementConfiguration.Read.All","DeviceManagementConfiguration.ReadWrite.All","DeviceManagementServiceConfig.Read.All","DeviceManagementServiceConfig.ReadWrite.All"

    }

    # Function to get all pages of results

    function Get-AllPages {

        param (

            [Parameter(Mandatory = $true)]

            [string]$Uri

        )

        $results = @()

        $response = Invoke-MgGraphRequest -Method GET -Uri $Uri

        $results += $response.value

        while ($null -ne $response.'@odata.nextLink') {

            $response = Invoke-MgGraphRequest -Method GET -Uri $response.'@odata.nextLink'

            $results += $response.value

        }

        return $results

    }

    # Create folder if not exists

    if (-not (Test-Path "$Path\Device Management Scripts\Script Content")) {

        $null = New-Item -Path "$Path\Device Management Scripts\Script Content" -ItemType Directory

    }

    # Get all device management scripts

    $deviceManagementScripts = Get-allpages -Uri "https://graph.microsoft.com/$ApiVersion/deviceManagement/deviceManagementScripts"

    foreach ($deviceManagementScript in $deviceManagementScripts) {

        # ScriptContent returns null, so we have to query Microsoft Graph for each script

        $deviceManagementScriptObject = Invoke-MGGraphRequest -Method GET -Uri "$apiVersion/deviceManagement/deviceManagementScripts/$($deviceManagementScript.Id)"

        $deviceManagementScriptFileName = ($deviceManagementScriptObject.displayName).Split([IO.Path]::GetInvalidFileNameChars()) -join '_'

        $deviceManagementScriptObject | ConvertTo-Json | Out-File -LiteralPath "$path\Device Management Scripts\$deviceManagementScriptFileName.json"

        $deviceManagementScriptContent = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($deviceManagementScriptObject.scriptContent))

        $deviceManagementScriptContent | Out-File -LiteralPath "$path\Device Management Scripts\Script Content\$deviceManagementScriptFileName.ps1"

        [PSCustomObject]@{

            "Action" = "Backup"

            "Type"   = "Device Management Script"

            "Name"   = $deviceManagementScript.displayName

            "Path"   = "Device Management Scripts\$deviceManagementScriptFileName.json"

        }

    }

}