Get Microsoft Intune Status Reports with PowerShell

This post is a hands-on guide to generating Microsoft Intune status reports with PowerShell — without opening the Intune admin centre. The script queries Microsoft Graph, builds a structured snapshot of devices, compliance, apps, and assignments, and outputs it as a CSV/JSON ready for further analysis or your own dashboard.

As an administrator, it is always good to keep an eye on your Intune status. In this blog I would like to show you how you can display the current status with the help of a small PowerShell script.

How does it work

It really works quite easily — what you need are only 5 different graph calls to read out the status. Let’s take a closer look at these calls:

deviceManagement/deviceCompliancePolicyDeviceStateSummary

With this call you get an output of numbers concerning the compliance state of your devices

deviceManagement/managedDeviceOverview

With this call you get an output of numbers concerning the number of enrolled devices and their platform. Interesting here is that we see Linux and ChromeOs.

deviceAppManagement

This graph call shows you the current status of the Windows Store for Business connector.

deviceManagement/windowsAutoPilotSettings

This graph call shows you the last autopilot sync and its status

deviceManagement/mobileThreatDefenseConnectors

With this query you can see the status of Windows Defender For Endpoint

How did I find these calls

The outstanding Browser add-on Graph X-Ray created by Eunice, Dhruv, Clement, Monica & @merill makes the finding of the needed Graph call really easy . All you have to do is install the browser add-on and switch to developer mode of your browser. Here you will get a list of all graph calls that are executed when loading a page.

How can you get the final Script

You can find the script in my git hub repository. What you need to do is download the script and run it locally. The first time you run it you will be asked for the UPN of an administrator. Enter the UPN and authenticate yourself on your tenant.

After that you will get the following output:

Conclusion

Of course, you can send this output every day via email or Teams, or you can develop a logic to detect if something is broken and send a notification if this is the case. It is also possible to display more connectors or other information. I hope I could explain to you with this script how you can get such information and how you can output it.

Stay healthy, Cheers
Jannik

Update 02.08.2022

You can also download my script from the PowerShell Gallery:

If you are interested in more Intune reporting options, you might also like my post about using Microsoft Fabric to export Intune data into the OneLake for PowerBi reporting.

If you work more with Microsoft Graph API calls, you might also like my post about the Graph Batch Endpoint.

If you want to take the next step and run scripts like this automatically, check out my post about how to start with Azure Automation Runbook to automate tasks in Intune.

Install-Script -Name Get-IntuneStatus