Upload a file to Connectwise and Attach it to a Service Ticket with PowerShell

Upload a file to Connectwise and Attach it to a Service Ticket with PowerShell

Comments 4 comments

I have recently been automating a lot within Connectwise PSA. One of the items I set out to do is to upload a file and attach it to a service ticket. This led me to the following article, but after doing some testing, I found that some file types were not properly rendering on the Connectwise side, making me believe there was something wrong with the encoding.

I could upload a .txt file without issues, but I also tried with a .docx and a .pdf, and the file would be corrupted or blank.

The process to upload a file and then link it to a service ticket is first to upload the file to the endpoint /system/documents and then, from there, link the uploaded document to an existing service ticket.

Multipart/Form-Data

The first thing to know about how Connectwise wants a document uploaded is that it uses what is … Continue...

Getting Started with GitHub Copilot in the CLI

Getting Started with GitHub Copilot in the CLI

Comments 1 comment

It was announced recently that GitHub Copilot in the CLI has reached General Availablity for all Individual, Business, and Enterprise customers. In this post, I will show you how you can get download and install the CLI and Copilot extension, authenticate to use Copilot, and the available commands and use cases.

Install the GitHub CLI

Windows

With Windows, we can install the GitHub CLI via the command line (Winget, Chocolatey, or Scoop) or manually from here.

Winget

With Winget, we can install the GitHub CLI using the following command: 

winget install --id GitHub.cli

MacOS

With MacOS, we can install the GitHub CLI via homebrew or manually from here.

Homebrew

Using homebrew, run the following command:

brew install gh

Authenticate

Note: In order to use Copilot in the CLI, you must have an active GitHub Copilot subscription.

Once you have a valid subscription to use Copilot, run the … Continue...

View and Export your Intune Device Management Scripts Using the Microsoft Graph PowerShell SDK

View and Export your Intune Device Management Scripts Using the Microsoft Graph PowerShell SDK

Comments 0 Comment

Introduction

If you’re familiar with Intune, you’re likely aware of its capability to deploy platform or PowerShell scripts to your endpoint devices. Unfortunately, once you upload your script to the portal, there is (at the time of writing this) no easy way to view the script content or download it.

Resolution

To quickly and easily get Intune scripts, I created a function that allows me to export all the scripts from a tenant en masse and view them in the shell or terminal. Sometimes, I am auditing a new tenant and have no need to download the scripts to my local machine; I need to audit the code behind it to get an idea of what is being performed. Additionally, I added some other quality-of-life features that I did not find in other scripts online.

Features

Platform Agnostic

The function will work on PowerShell Core (pwsh) and Windows PowerShell. Allowing … Continue...

Automatically Schedule Microsoft Teams Do Not Disturb Presence Based on Outlook Calendar Events

Automatically Schedule Microsoft Teams Do Not Disturb Presence Based on Outlook Calendar Events

Comments 1 comment

In this article I will be showing you how you can automatically have Microsoft Teams set its presence to Do Not Disturb, or any other presence, based on events in your Outlook Calendar. I also looked into leveraging Power Automate but it began to require premium connectors and at that cost, going the serverless automation route was much cheaper.

An overview of this automation is as follows:

  1. Run on a set schedule.
  2. Get all users within the tenant, if the user does not have a mailbox, proceed to the next user, if the user does have a mailbox proceed to the next step.
  3. Get the users events that will occur within the next 1 hour (configurable value)
  4. See if there is an event that matches what we are looking for. In my instance, if an event title/subject is “DND” (not case-sensitive) then proceed to the next step, otherwise go to
Continue...
Automated Alerts on Azure (Entra ID) Application Secret Expirations

Automated Alerts on Azure (Entra ID) Application Secret Expirations

Comments 43 comments

Monitoring Azure AD (Entra ID now) application secret expirations in an enterprise is a critical aspect of maintaining robust security and ensuring uninterrupted service. When application secrets expire without timely renewal, it can disrupt business operations by causing application failures. Proactive management of application secret expirations helps enterprises avoid last-minute issues, enabling a more secure and efficient operational environment.

During my brief research in finding an automated approach to monitoring application secret expirations, I found multiple write-ups and articles but many only showed the code on how to get the expiration property without walking through setting up the automation itself. Another issue was not converting the default UTC time to local time to get more accurate expiration datetimes, and also dealing with applications with multiple secrets that expire at different times.

This article will walk one through the code’s logic, including converting time and dealing with multiple values, and creating … Continue...

The Microsoft Graph Command-Line Interface (CLI)

The Microsoft Graph Command-Line Interface (CLI)

Comments 5 comments

On November 22nd, Microsoft announced that the Microsoft Graph CLI was now generally available at version 1.0.0. The command-line tool provides convenient methods to access Microsoft Graph API capabilities on any operating system and any shell. The CLI uses the Microsoft Graph v1.0 endpoint. Microsoft does provide a Beta CLI that interacts with the Microsoft Graph Beta endpoint.

The CLI not only allows you to get objects but update, create and delete objects using the Microsoft Graph REST API.

Download the CLI

MacOS

Download the CLI from here.

  • If you have an ARM based Mac (M1, M2, etc) computer, download the msgraph-beta-cli-osx-arm64... package.
  • If you have an Intel processor, download the msgraph-beta-cli-osx-x64... package.

Extract the files to a directory you can reference later. For my purposes, I created a folder called, ‘MSGraph CLI’ in my Home Directory.

Next, we will update PATH permanently by editing your shell profile (… Continue...

Microsoft Graph API Endpoint Adds Last Successful Sign-In Date Time

Microsoft Graph API Endpoint Adds Last Successful Sign-In Date Time

Comments 4 comments

Previously, if you wanted to find a user’s last successful sign-in to your Microsoft 365 tenant using the Microsoft Graph REST API, you would have to iterate through Entra ID sign-in logs. With new recent additions to the Microsoft Graph API Beta Endpoint, you can now return the UTC value just by parsing the user details and properties. The Microsoft documentation regarding the signInActivity resource type can be found here.

LastSignInDateTime vs LastSuccessfulSignInDateTime

The difference between lastSignInDateTime and lastSuccessfulSignInDateTime property is:

  • lastSignInDateTime: The last interactive sign-in date and time for a specific user. You can use this field to calculate the last time a user attempted to sign into the directory the directory with an interactive authentication method. This field can be used to build reports, such as inactive users. The timestamp represents date and time information using ISO 8601 format and is always in UTC time. For
Continue...
Getting Started with the IntuneCLI, an Automated Intune Management Solution

Getting Started with the IntuneCLI, an Automated Intune Management Solution

Comments 1 comment

Disclaimer: The IntuneAssistant is an ongoing project that is in development. The document below may be outdated in newer versions. The developer is very active on GitHub if you run into any issues. You should reference the GitHub Project: https://github.com/srozemuller/IntuneAssistant

I would also recommend checking out their blog at: Sander Rozemuller | All about Identity, AVD, Automation, DevOps, Monitoring, Intune and Security

Obtaining the IntuneAssistant

Manual

The first thing we need to do, is to download the CLI binary which can be found here. In my case, I am running a M1 Pro Mac so I will grab the MacOS ARM binary. I then placed it in a folder called “Dev” in the root of my Home directory.

Make the Binary Executable

The next step in the process is to make the binary executable. This is something that you do not have to do on a Windows machine, … Continue...

Centrally Manage Company Contacts and Deploy to Built-In Contacts App Using Intune, SharePoint, PowerShell and Graph API.

Centrally Manage Company Contacts and Deploy to Built-In Contacts App Using Intune, SharePoint, PowerShell and Graph API.

Comments 14 comments

I recently met with a company that was looking for a better way to get contacts to their employee’s work phones. Currently, they are sending a .vcf file and then having the employees manually save the contacts. While this works, the problem is if you need to send a new contact, you now need to send a new .vcf file to every employee and instruct them on how to save it. Similarly, if you ever need to remove a contact, you need to instruct your employees to manually delete that contact.

One of the first things I thought about, is creating an App Configuration Policy to force Outlook to sync contacts to native apps. Most of the contacts I need to sync to the phone were employees of the company so I figured it would sync from the Global Address List and then maybe I could create contacts in … Continue...

Windows LAPS Management, Configuration and Troubleshooting Using Microsoft Intune

Windows LAPS Management, Configuration and Troubleshooting Using Microsoft Intune

Comments 40 comments

Windows Local Administrator Password Solution (Windows LAPS) is a Windows Feature that allows IT Administrators to secure and protect local administrator passwords. This includes automatic rotation of passwords as well as backing up the passwords to Azure Active Directory or Active Directory. You can configure Windows LAPS on your Windows endpoints using Microsoft Intune.

Pre-requisites

To use Windows LAPS in Intune, ensure you’re using a supported Windows platform:

You might also have to enable Azure AD Local Administrator Password Solution (LAPS) within your Azure Tenant.

  • Azure Active Directory > Devices > Device Settings > Azure AD Local Administrator Password Solution (LAPS)
    Note: You may not have to do this once the product is
Continue...