{"id":1592,"date":"2023-06-15T02:03:34","date_gmt":"2023-06-15T05:03:34","guid":{"rendered":"https:\/\/blog.abratel.com.br\/?p=1592"},"modified":"2023-06-15T02:04:25","modified_gmt":"2023-06-15T05:04:25","slug":"powershell-scripts-for-intune","status":"publish","type":"post","link":"https:\/\/blog.abratel.com.br\/?p=1592","title":{"rendered":"Powershell Scripts For Intune"},"content":{"rendered":"

endpoint.microsoft.com –> Devices –> scripts –><\/p>\n

Run this script using the logged on credentials
\nYes (some can be no)
\nEnforce script signature check
\nNo
\nRun script in 64 bit PowerShell Host
\nYes (some can be 32)<\/p>\n

Here I will rename a local admin to another admin changing the password:
\nrenameadm.ps1<\/p>\n

\n$oldUsername =  "usertoremove"\n$newUsername = "newadministrator"\n$oldPassword = ConvertTo-SecureString "passwordforusertoremove" -AsPlainText -Force\n$newPassword = ConvertTo-SecureString "newpasswordfornewadm" -AsPlainText -Force\n$user = Get-LocalUser -Name $oldUsername\nRename-LocalUser -Name $oldUsername -NewName $newUsername\nSet-LocalUser -Name $newUsername -Password $newPassword\n<\/pre>\n
Here I will remove all local admin and also azure admins\/users and leave just the local admin that I created:
\nremoving_all_adms_less_one.ps1<\/p>\n
\n$group = [ADSI]"WinNT:\/\/$env:COMPUTERNAME\/Administrators"\n$admins = $group.Invoke('Members') | ForEach-Object {\n$path = ([adsi]$_).path\n[PSCustomObject]@{\nUser = $(Split-Path $path -Leaf) }}\nforeach ($user in $admins) {\n$test = $user.User # Assign the user value to $test variable for comparison\nif ($test -eq "keep-this-username-adm") {\n} else {\nRemove-LocalGroupMember -Group Administrators -Member $test }}\n<\/pre>\n
Here I’m removing the PIN
\nremovepin.ps1<\/p>\n
\n$path = "HKLM:\\SOFTWARE\\Policies\\Microsoft"\n$key = "PassportForWork"\n$name = "Enabled"\n$value = "0"\nNew-Item -Path $path -Name $key \u00e2\u20ac\u201cForce\nNew-ItemProperty -Path $path\\$key -Name $name -Value $value -PropertyType DWORD -Force\n#Delete existing pins\n$passportFolder = "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Microsoft\\Ngc"\nif(Test-Path -Path $passportFolder)\n{\nTakeown \/f $passportFolder \/r \/d "Y"\nICACLS $passportFolder \/reset \/T \/C \/L \/Q\nRemove-Item \u00e2\u20ac\u201cpath $passportFolder \u00e2\u20ac\u201crecurse -force\n}\n<\/pre>\n
Here I will set a background image:
\nsetbackground.ps1<\/p>\n
\n$RegKeyPath = "HKLM:\\SOFTWARE\\Microsoft\\Windows\\CurrentVersion\\PersonalizationCSP"\n$LockScreenPath = "LockScreenImagePath"\n$LockScreenStatus = "LockScreenImageStatus"\n$LockScreenUrl = "LockScreenImageUrl"\n$StatusValue = "1"\n$url = "https:\/\/www.meusite.com\/wp-content\/uploads\/2023\/04\/wallpaper.png"\n$LockScreenImageValue = "C:\\MDM\\wallpaper.png"\n$directory = "C:\\MDM\\"\nIf ((Test-Path -Path $directory) -eq $false)\n{\nNew-Item -Path $directory -ItemType directory\n}\n$wc = New-Object System.Net.WebClient\n$wc.DownloadFile($url, $LockScreenImageValue)\nif (!(Test-Path $RegKeyPath))\n{\nWrite-Host "Creating registry path $($RegKeyPath)."\nNew-Item -Path $RegKeyPath -Force | Out-Null\n}\nNew-ItemProperty -Path $RegKeyPath -Name $LockScreenStatus -Value $StatusValue -PropertyType DWORD -Force | Out-Null\nNew-ItemProperty -Path $RegKeyPath -Name $LockScreenPath -Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null\nNew-ItemProperty -Path $RegKeyPath -Name $LockScreenUrl -Value $LockScreenImageValue -PropertyType STRING -Force | Out-Null\nRUNDLL32.EXE USER32.DLL, UpdatePerUserSystemParameters 1, True\n<\/pre>\n","protected":false},"excerpt":{"rendered":"
endpoint.microsoft.com –> Devices –> scripts –> Run this script using the logged on credentials Yes (some can be no) Enforce script signature check No Run script in 64 bit PowerShell Host Yes (some can be 32) Here I will rename a local admin to another…<\/p>\n","protected":false},"author":1,"featured_media":1599,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":[],"categories":[7],"tags":[],"_links":{"self":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1592"}],"collection":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=1592"}],"version-history":[{"count":4,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1592\/revisions"}],"predecessor-version":[{"id":1601,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/posts\/1592\/revisions\/1601"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=\/wp\/v2\/media\/1599"}],"wp:attachment":[{"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=1592"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=1592"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.abratel.com.br\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=1592"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}