Upload-AutopilotHash.ps1
|
<#PSScriptInfo
.VERSION 1.0.0 .GUID 9f4f1b7a-3b7a-49b3-bd7d-5a5c86d50aab .AUTHOR Shishir Kushawaha .COMPANYNAME Shishir Kushawaha .COPYRIGHT (c) 2025 Your Company. All rights reserved. .TAGS Intune Autopilot Webhook DeviceManagement .LICENSEURI https://opensource.org/licenses/MIT .PROJECTURI https://github.com/POWERSHELLCAM .RELEASENOTES Initial release of Upload-AutopilotHash script. #> <# .SYNOPSIS Uploads Windows Autopilot hardware hash to an Azure Automation Webhook. .DESCRIPTION Collects device hardware hash, serial number, and product key, then uploads it securely to a webhook with GroupTag and password authentication. Includes logging and connectivity checks. .PARAMETER GroupTag Autopilot GroupTag value to be assigned to the device. .PARAMETER WebhookPassword Password/token used for authentication when calling the webhook. .PARAMETER WebhookUrl The target webhook URL. .PARAMETER LogPath Path where logs will be written. Default: C:\Temp\Logs .EXAMPLE Upload-AutopilotHash.ps1 -GroupTag "HR-Laptops" -WebhookPassword "P@ssw0rd" -WebhookUrl "https://contoso.webhook.azure-automation.net/..." .NOTES Author: Shishir Kushawaha Email: srktcet@outlook.com Version: 1.0.0 #> [CmdletBinding()] param( [Parameter(Mandatory = $true)] [string]$GroupTag, [Parameter(Mandatory = $true)] [string]$WebhookPassword, [Parameter(Mandatory = $true)] [string]$WebhookUrl, [string]$LogPath = "C:\Temp\Autopilot\Logs" ) #region Logging $logfile = Join-Path $LogPath "APEnrollmentProfile.log" if (!(Test-Path $LogPath)) { New-Item -Path $LogPath -ItemType Directory -Force | Out-Null } function Write-Log { param( [string]$Message, [string]$LogLevel = 'INFO' ) $timestamp = Get-Date -Format "yyyy-MM-dd HH:mm:ss" $logEntry = "$timestamp [$LogLevel] - $Message" Add-Content -Path $logfile -Value $logEntry Write-Output $logEntry } #endregion Logging function Test-InternetConnection { try { return Test-Connection -ComputerName "8.8.8.8" -Count 2 -Quiet } catch { return $false } } function Test-Webhook { param ([string]$URL) try { if (Test-InternetConnection) { Write-Log "Internet is available." $conn = Test-NetConnection -ComputerName ([uri]$URL).Host -Port 443 if ($conn.TcpTestSucceeded) { Write-Log "Webhook reachable. Remote IP = $($conn.RemoteAddress.IPAddressToString)" } else { Write-Log "Webhook is NOT reachable." } } else { Write-Log "No internet access." } } catch { Write-Log "Failed to test webhook: $_" } } Write-Output " " | Out-File $logfile -Append Write-Log "SECTION START : Upload Hardware Hash with Webhook." Test-Webhook -URL $WebhookUrl Write-Log "Gathering device details..." $DeviceHashData = (Get-WmiObject -Namespace "root/cimv2/mdm/dmmap" ` -Class "MDM_DevDetail_Ext01" ` -Filter "InstanceID='Ext' AND ParentID='./DevDetail'" -Verbose:$false).DeviceHardwareData $SerialNumber = (Get-WmiObject -Class "Win32_BIOS" -Verbose:$false).SerialNumber $ProductKey = (Get-WmiObject -Class "SoftwareLicensingService" -Verbose:$false).OA3xOriginalProductKey Write-Log "Serial Number = $SerialNumber" Write-Log "Product Key = $ProductKey" Write-Log "Group Tag = $GroupTag" $body = @{ ProductKey = $ProductKey SerialNumber = $SerialNumber DeviceHashData = $DeviceHashData GroupTag = $GroupTag } $params = @{ ContentType = 'application/json' Headers = @{ 'from' = 'AutoPilotDeviceInfo' 'Date' = (Get-Date) 'message' = $WebhookPassword } Body = ($body | ConvertTo-Json -Depth 5) Method = 'Post' Uri = $WebhookUrl } try { Write-Log "Sending hardware hash to Azure Automation via webhook..." Invoke-RestMethod @params -Verbose write-log "Sending hardware hash to Azure Automation via webhook completed" } catch { Write-Log "Failed to send the hardware hash data to Azure Automation: $_" } write-log "Log file located at: $logfile" Write-Log "SECTION END : Upload Hardware Hash with Webhook." |