In one of my previous blog posts, I demonstrated how to enroll an Ubuntu device in Intune. In this blog post, I will walk you through creating and configuring custom Bash scripts for your Ubuntu devices using Microsoft Intune. With the service release 2023, Intune now supports running Bash scripts on Linux devices, offering a powerful way to manage and configure your Linux devices.

Prerequisites

Before we begin, ensure that you have installed and enrolled your Ubuntu device in Intune. You can follow the steps in our previous blog post:

• How to enroll an Ubuntu device in Intune

How to create a bash script

There are two ways to create a Bash script for your Ubuntu devices. You can either write the script on your own or use ChatGPT to generate scripts. In this post, we will utilize ChatGPT to help us create the scripts.

• Open ChatGPT in your browser and log in.
• Use the following prompt to generate the script:

You are in the root context of an Ubuntu 22.04 device. Can you write me the following bash script without user prompt? It should be a script that runs automatically in the background. Bevor the script runns you should check if the app or the configuration is already present:

<Description of the script>

• This is the final script. I have also to add an part to check if vs code is already installed:

#!/bin/bash

# Check if Visual Studio Code is installed
if ! command -v code &> /dev/null; then
    # Install wget and gpg
    sudo apt-get install -y wget gpg

    # Download and install Microsoft's GPG key
    wget -qO- https://packages.microsoft.com/keys/microsoft.asc | gpg --dearmor > packages.microsoft.gpg
    sudo install -D -o root -g root -m 644 packages.microsoft.gpg /etc/apt/keyrings/packages.microsoft.gpg

    # Add Visual Studio Code repository
    sudo sh -c 'echo "deb [arch=amd64,arm64,armhf signed-by=/etc/apt/keyrings/packages.microsoft.gpg] https://packages.microsoft.com/repos/code stable main" > /etc/apt/sources.list.d/vscode.list'
    rm -f packages.microsoft.gpg

    # Install apt-transport-https
    sudo apt install -y apt-transport-https

    # Update repositories
    sudo apt update -y

    # Install Visual Studio Code
    sudo apt install -y code
else
    echo "Visual Studio Code is already installed."
fi

• Copy the generated script and save it as script_name.sh.

Deploying the bash script with Microsoft Intune

Once you have your Bash script ready, follow these steps to deploy it using Microsoft Intune:

• Sign in to the Microsoft Intune admin center (https://intune.microsoft.com/).
• Navigate to Devices > Scripts
• Click +Add and select Linux

• Enter a name and optional a description for the script policy and click Next.

• In Configuration settings, configure the following settings:
  • Execution context: Root
  • Execution frequency: Choose your preferred frequency
  • Execution retries: Choose your preferred number of retries
  • Execution Script: Upload the script_name.sh file

There are the following context settings available:
– User (default): When a user signs in to the device, the script runs. If a user never signs into the device, or there isn’t any user affinity, then the script doesn’t run.
– Root: The script will always run (with or without users logged in) at the device level.

• Click Next.
• In Scope tags, optional select a scope tags, and click Next.
• In Assignments, click Add groups and choose Select groups to include one or more groups. Click Next to continue.

• In Review + create, review your settings, and click Create.

Once assigned, the Bash script will be deployed and executed on the devices for the selected groups, performing the desired actions that are defined in the script.

Conclusion

With the support for custom Bash scripts in Microsoft Intune, managing and configuring your Ubuntu devices has become more powerful and efficient. Whether you write your own scripts or use AI-powered tools like ChatGPT to generate them, you can now automate various tasks and ensure consistent settings across your Linux devices. Just remember to test your scripts thoroughly and monitor the deployments to avoid unintended consequences or disruptions to your systems.