deploy_UR_Intune.ps1
|
<#PSScriptInfo .VERSION 1.1 .GUID 8b1a8eba-83c6-4ce8-8ce2-28abe56b5ff2 .AUTHOR Seif Bassem .COMPANYNAME .COPYRIGHT .TAGS Windows analytics Intune Upgrade Readiness .LICENSEURI .PROJECTURI .ICONURI .EXTERNALMODULEDEPENDENCIES .REQUIREDSCRIPTS .EXTERNALSCRIPTDEPENDENCIES .RELEASENOTES #> <# .DESCRIPTION Deploying the Upgrade Readiness script from Intune: The script allows to deploy the upgrade readiness script to your azure active directory joined machines using intune. The script will automatically download the latest version of the upgrade readiness script to your intune managed devices, inject the variables to the RunConfig.bat file and create a scheduled task to run it once every 30 days. Usage: 1. Download the intune-UR.ps1 script and save it to your computer. 2. Edit the script using any text editor to supply the variables in the following section : ################Edit Variables########################## $downloadpath = "c:\UA-upgradeReadiness" $logfile = "$downloadpath\log.txt" $logPath = "\\server\wadiagnostics" $commercialID ="xxxxxxxxxxxxxxxxxxxxxxxx" $AllowIEData = "false" $IEOptInLevel = "3" $DeviceNameOptIn ="true" $AppInsightsOptIn="true" $ClientProxy= "Direct" ################################################### |Variable name |Description -------------------------------- |downloadpath | This is the path where the upgrade readiness script will be downloaded from the internet |logfile | This is the name of the logfile that will be generated for troubleshooting this script |logPath | This is the path where the logfile for each device will be created , it can be a UNC path and it can be a local path |commercialID | This is the commericalID of your OMS Workspace |AllowIEData | This is the IE diagnostics optIn option |IEOptInLevel | This is the level of the IE optIN option |DeviceNameOptIn | This is the DeviceNameOptIn option to send the device name to the diagnostic data management service |AppInsightsOptIn | This is the AppInsightsOptIn to collect and send diagnostic and debugging data to Microsoft |ClientProxy | This is used to specofy the proxy setup that you have in your environment 3. Save the script and deploy using Intune. #> ################Edit Variables########################## $downloadpath = "c:\UA-upgradeReadiness" $logfile = "$downloadpath\log.txt" $logPath = "\\server\wadiagnostics" $commercialID ="xxxxxxxxxxxxxxxxxxxxxxxx" $AllowIEData = "false" $IEOptInLevel = "3" $DeviceNameOptIn ="true" $AppInsightsOptIn="true" $ClientProxy= "Direct" ################################################### function Get-TimeStamp { return "[{0:MM/dd/yy} {0:HH:mm:ss}]" -f (Get-Date) } ##Create the download folder try{ if(-not (Test-Path $downloadpath)){ New-Item -Path $downloadpath -ItemType Directory } else{ ##cleanup previous runs Remove-Item $downloadpath -Force -Recurse New-Item -Path $downloadpath -ItemType Directory } } catch{ Write-Output "$(Get-TimeStamp) $_.Exception.Message" | Out-file $logfile -append throw "Cannot create folder on C drive" } ##Get the download URL from the download center try{ $WebResponse = Invoke-WebRequest "https://www.microsoft.com/en-us/download/confirmation.aspx?id=53327" -UseBasicParsing $downloadURL=($WebResponse.Links | select-object href | Where-Object {$_.href -like "*zip"})[0].href.tostring() } catch{ Write-Output "$(Get-TimeStamp) $_.Exception.Message" | Out-file $logfile -append throw "Couldn't reach the download URL" } ##Download the UR script to a folder on the C drive and extract try{ $output = "$downloadpath\upgradeReadiness.zip" (New-Object System.Net.WebClient).DownloadFile($downloadURL, $output) $output | Expand-Archive -Force -DestinationPath "$downloadpath\script" } catch{ Write-Output "$(Get-TimeStamp) $_.Exception.Message" | Out-file $logfile -append throw "Couldn't download or extract the file" } ##Edit the config file for the deployment script try{ $configfile = "$downloadpath\script\deployment\RunConfig.bat" (Get-Content $configfile).replace('set logPath=\\set\path\here', 'set logPath='+$logPath) | Set-Content $configfile (Get-Content $configfile).replace('set commercialIDValue=Unknown', 'set commercialIDValue='+$commercialID) | Set-Content $configfile (Get-Content $configfile).replace('set AllowIEData=disabled', 'set AllowIEData='+$AllowIEData) | Set-Content $configfile (Get-Content $configfile).replace('set IEOptInLevel=0', 'set IEOptInLevel='+$IEOptInLevel) | Set-Content $configfile (Get-Content $configfile).replace('set DeviceNameOptIn=true', 'set DeviceNameOptIn='+$DeviceNameOptIn) | Set-Content $configfile (Get-Content $configfile).replace('set AppInsightsOptIn=true', 'set AppInsightsOptIn='+$AppInsightsOptIn) | Set-Content $configfile (Get-Content $configfile).replace('set ClientProxy=Direct', 'set ClientProxy='+$ClientProxy) | Set-Content $configfile } catch{ Write-Output "$(Get-TimeStamp) $_.Exception.Message" | Out-file $logfile -append throw "One or more of the script parameters are not correct" } ##create the scheduled task try{ if(Get-ScheduledTask -TaskName "Upgrade readiness script" -ErrorAction SilentlyContinue){ Unregister-ScheduledTask -TaskName "Upgrade readiness script" -Confirm:$false } $taskAction = New-ScheduledTaskAction -Execute "$downloadpath\script\Deployment\RunConfig.bat" $tasktrigger = New-ScheduledTaskTrigger -Weekly -WeeksInterval 4 -At 9am -DaysOfWeek Tuesday -RandomDelay (New-TimeSpan -minutes 30) $taskoptions = New-ScheduledTaskSettingsSet -DisallowDemandStart -StartWhenAvailable $taskprincipal = New-ScheduledTaskPrincipal -UserId "NTAuthority\SYSTEM" -LogonType ServiceAccount New-ScheduledTask -Description "Upgrade readiness script" -Action $taskaction -Principal $taskprincipal -Settings $taskoptions -Trigger $tasktrigger Register-ScheduledTask -TaskName "Upgrade readiness script" -Action $taskAction -User "SYSTEM" -Trigger $tasktrigger Start-ScheduledTask -TaskName "Upgrade readiness script" } catch{ Write-Output "$(Get-TimeStamp) $_.Exception.Message" | Out-file $logfile -append throw "Cannot create the scheduled task" } |