IntuneManagement.psm1

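function Restart-IntuneDevice {
    <#
    .SYNOPSIS
        Sends a remote restart command to one Intune managed device, selected by device name.

    .DESCRIPTION
        Connects to Microsoft Graph once per pipeline, then for every device name received
        looks up the managed device and calls Restart-MgDeviceManagementManagedDeviceNow
        with its Id. A name that matches zero or several managed devices is reported with
        Write-Error and no command is sent for it.

    .PARAMETER DeviceName
        Name of the managed device. Accepts pipeline input, one name per pipeline object.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [string]$DeviceName
    )

    begin {
        # One interactive/cached sign-in per pipeline. The requested scope permits remote
        # actions on every managed device in the tenant, so the lookup below is kept strict.
        Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All -NoWelcome
    }

    process {
        # Pipeline-bound parameters only have a value inside process, so the lookup has to
        # happen here; doing it in begin resolves an empty name and reuses one Id for all input.
        # Single quotes are doubled so a name containing ' cannot change the OData filter.
        $escapedName = $DeviceName.Replace("'", "''")
        $matchedDevices = @(Get-MgDeviceManagementManagedDevice -Filter "DeviceName eq '$escapedName'")

        # Device names are not guaranteed unique; refuse to act unless the target is unambiguous.
        if ($matchedDevices.Count -ne 1) {
            Write-Error -Message "Expected exactly one managed device named '$DeviceName' but found $($matchedDevices.Count). No restart command was sent."
            return
        }

        Write-Host "Sending restart command..." -ForegroundColor Yellow
        Start-Sleep -Seconds 5
        Restart-MgDeviceManagementManagedDeviceNow -ManagedDeviceId $matchedDevices[0].Id
    }

}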

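function Sync-IntuneDevice {
    <#
    .SYNOPSIS
        Sends a sync (check-in) command to one Intune managed device, selected by device name.

    .DESCRIPTION
        Connects to Microsoft Graph once per pipeline, then for every device name received
        looks up the managed device and calls Sync-MgDeviceManagementManagedDeviceNow with
        its Id. A name that matches zero or several managed devices is reported with
        Write-Error and no command is sent for it.

    .PARAMETER DeviceName
        Name of the managed device. Accepts pipeline input, one name per pipeline object.
    #>
    [CmdletBinding()]
    param (
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [string]$DeviceName
    )

    begin {
        # Sign in once; the per-device work is done in process.
        Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All -NoWelcome
    }

    process {
        # $DeviceName is only bound here when it arrives from the pipeline, so resolve the
        # Id per input object. Doubling ' keeps the name a literal inside the OData filter.
        $escapedName = $DeviceName.Replace("'", "''")
        $matchedDevices = @(Get-MgDeviceManagementManagedDevice -Filter "DeviceName eq '$escapedName'")

        # Act only on an unambiguous match.
        if ($matchedDevices.Count -ne 1) {
            Write-Error -Message "Expected exactly one managed device named '$DeviceName' but found $($matchedDevices.Count). No sync command was sent."
            return
        }

        Write-Host "Sending Sync command..." -ForegroundColor Yellow
        Start-Sleep -Seconds 5
        Sync-MgDeviceManagementManagedDeviceNow -ManagedDeviceId $matchedDevices[0].Id
    }

}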


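function Clear-IntuneDevice {
    <#
    .SYNOPSIS
        Sends a remote wipe to one Intune managed device, selected by device name.

    .DESCRIPTION
        Connects to Microsoft Graph once per pipeline, then for every device name received
        looks up the managed device and calls Clear-MgDeviceManagementManagedDevice with
        keepEnrollmentData and keepUserData both set to $false. The wipe is sent once per
        device. A failure is reported with Write-Error and is never retried or reported
        as success.

        Supports -WhatIf and -Confirm. The confirm impact is left at the default so existing
        unattended callers are not prompted.
        NOTE(review): consider ConfirmImpact = 'High' for this destructive action once
        callers have been checked.

    .PARAMETER DeviceName
        Name of the managed device. Accepts pipeline input, one name per pipeline object.
    #>
    [CmdletBinding(SupportsShouldProcess=$true)]
    param (
        [Parameter(Mandatory=$true, ValueFromPipeline=$true)]
        [string]$DeviceName
    )

    begin {
        Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All -NoWelcome
        # Request body for the wipe action: keep neither enrollment data nor user data.
        $params = @{
            keepEnrollmentData = $false
            keepUserData = $false
        }
    }

    process {
        # Resolve the Id here, not in begin: pipeline input is unbound in begin, and a wipe
        # must never reuse an Id resolved for a different (or empty) name.
        # Doubling ' keeps the name a literal inside the OData filter.
        $escapedName = $DeviceName.Replace("'", "''")
        $matchedDevices = @(Get-MgDeviceManagementManagedDevice -Filter "DeviceName eq '$escapedName'")

        # Device names are not guaranteed unique; wipe only an unambiguous match.
        if ($matchedDevices.Count -ne 1) {
            Write-Error -Message "Expected exactly one managed device named '$DeviceName' but found $($matchedDevices.Count). No wipe command was sent."
            return
        }

        if (-not $PSCmdlet.ShouldProcess($DeviceName, 'Wipe device (user data and enrollment data are not kept)')) {
            return
        }

        try {
            Write-Host "Sending wipe command..." -ForegroundColor Yellow
            Start-Sleep -Seconds 5
            # The hashtable is passed as a value ($params); splatting it (@params) would
            # leave -BodyParameter without its argument.
            Clear-MgDeviceManagementManagedDevice -ManagedDeviceId $matchedDevices[0].Id -BodyParameter $params -ErrorAction Stop
            Write-Host "Wipe command was accepted for $DeviceName"
        }
        catch {
            $notAuthorizedMsg = "Application is not authorized to perform this operation. Application must have one of the following scopes: DeviceManagementManagedDevices.PrivilegedOperations.All"
            $errorText = if ($_.ErrorDetails) { $_.ErrorDetails.Message } else { '' }

            # Escape the text so its dots match literally instead of acting as regex wildcards.
            if ($errorText -match [regex]::Escape($notAuthorizedMsg)) {
                Write-Error -Message "Please connect to Graph again and specify 'DeviceManagementManagedDevices.PrivilegedOperations.All' as a scope."
            }
            else {
                # Surface the failure. A failed request does not show that the device is gone,
                # and blindly re-sending a wipe is not a verification step.
                Write-Error -Message "Wipe command for '$DeviceName' failed: $($_.Exception.Message)"
            }
        }
    }

}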