IntuneBackupAndRestoreSP

4.0

Public/Invoke-IntuneBackupDeviceShellScriptSP.ps1

                                function Invoke-IntuneBackupdeviceshellScriptSP {

    <#

    .SYNOPSIS

    Backup Intune Device Shell Scripts (Used by macOS)

    .DESCRIPTION

    Backup Intune Device Shell Scripts (Used by macOS) as JSON files per Device Management Script to the specified Path.

    .PARAMETER Path

    Path to store backup files

    .EXAMPLE

    Invoke-IntuneBackupdeviceshellScriptSP -Path "C:\temp"

    #>

    [CmdletBinding()]

    param(

        [Parameter(Mandatory = $true)]

        [string]$Path,

        [Parameter(Mandatory = $false)]

        [ValidateSet("v1.0", "Beta")]

        [string]$ApiVersion = "Beta"

    )

    # Ensure the Microsoft Graph module is installed and imported

    if (-not (Get-Module -Name Microsoft.Graph -ListAvailable)) {

        Install-Module -Name Microsoft.Graph -Scope CurrentUser -Force

    }

    Import-Module Microsoft.Graph.DeviceManagement

    # Connect to Microsoft Graph if not already connected

    if (-not (Get-MgUser -UserId me -ErrorAction SilentlyContinue)) {

        Connect-MgGraph -Scopes "DeviceManagementApps.Read.All","DeviceManagementApps.ReadWrite.All","DeviceManagementConfiguration.Read.All","DeviceManagementConfiguration.ReadWrite.All","DeviceManagementServiceConfig.Read.All","DeviceManagementServiceConfig.ReadWrite.All"

    }

    # Function to get all pages of results

    function Get-AllPages {

        param (

            [Parameter(Mandatory = $true)]

            [string]$Uri

        )

        $results = @()

        $response = Invoke-MgGraphRequest -Method GET -Uri $Uri

        $results += $response.value

        while ($null -ne $response.'@odata.nextLink') {

            $response = Invoke-MgGraphRequest -Method GET -Uri $response.'@odata.nextLink'

            $results += $response.value

        }

        return $results

    }

    # Create folder if not exists

    if (-not (Test-Path "$Path\Device Shell Scripts\Script Content")) {

        $null = New-Item -Path "$Path\Device Shell Scripts\Script Content" -ItemType Directory

    }

    # Get all device management scripts

    $deviceshellScripts = Get-allpages -Uri "https://graph.microsoft.com/$ApiVersion/deviceManagement/deviceShellScripts"

    foreach ($deviceshellScript in $deviceshellScripts) {

        # ScriptContent returns null, so we have to query Microsoft Graph for each script

        $deviceshellScriptObject = Invoke-MGGraphRequest -Method GET -Uri "$apiVersion/deviceManagement/deviceShellScripts/$($deviceshellScript.Id)"

        $deviceshellScriptFileName = ($deviceshellScriptObject.displayName).Split([IO.Path]::GetInvalidFileNameChars()) -join '_'

        $deviceshellScriptObject | ConvertTo-Json | Out-File -LiteralPath "$path\Device Shell Scripts\$deviceshellScriptFileName.json"

        $deviceshellScriptContent = [System.Text.Encoding]::UTF8.GetString([System.Convert]::FromBase64String($deviceshellScriptObject.scriptContent))

        $deviceshellScriptContent | Out-File -LiteralPath "$path\Device Shell Scripts\Script Content\$deviceshellScriptFileName.ps1"

        [PSCustomObject]@{

            "Action" = "Backup"

            "Type"   = "Device Shell Script"

            "Name"   = $deviceshellScript.displayName

            "Path"   = "Device Shell Scripts\$deviceshellScriptFileName.json"

        }

    }

}