You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: memdocs/intune/protect/compliance-custom-script.md
+18-10Lines changed: 18 additions & 10 deletions
Display the source diff
Display the rich diff
Original file line number
Diff line number
Diff line change
@@ -1,13 +1,13 @@
1
1
---
2
2
# required metadata
3
3
4
-
title: Create a PowerShell script to use for discover of custom compliance settings in Microsoft Intune
5
-
description: Create the PowerShell script that runs discovery on devices that receive device compliance policies for custom settings in Intune.
4
+
title: Create a discovery scripts for custom compliance policy in Microsoft Intune
5
+
description: Create scripts for Linux or Windows devices to discover the settings you define as custom compliance settings for Microsoft Intune.
6
6
keywords:
7
7
author: brenduns
8
8
ms.author: brenduns
9
9
manager: dougeby
10
-
ms.date: 11/16/2021
10
+
ms.date: 10/19/2022
11
11
ms.topic: conceptual
12
12
ms.service: microsoft-intune
13
13
ms.subservice: protect
@@ -27,16 +27,24 @@ ms.custom: intune-azure
27
27
ms.collection: M365-identity-device-management
28
28
---
29
29
30
-
# Custom PowerShell scripts for discovery
30
+
# Custom compliance discovery scripts for Microsoft Intune
31
31
32
-
Before you can use [custom settings for compliance](../protect/compliance-use-custom-settings.md) with Intune, you must define a PowerShell script for discovery of custom compliance settings on devices.
32
+
Before you can use [custom settings for compliance](../protect/compliance-use-custom-settings.md) with Microsoft Intune, you must define a script for discovery of custom compliance settings on devices. The script you use depends on the platform:
33
33
34
-
The discovery script:
34
+
- Linux devices, use a POSIX-compliant shell script
35
+
- Windows devices use a PowerShell script
35
36
36
-
- Is added to Intune before you create a compliance policy. After it's added, it will be available to select when you create a compliance policy with custom settings.
37
-
- Runs on a device that receives the compliance policy. The script evaluates the conditions of the JSON file you upload to the same policy.
38
-
- Identifies one or more settings, as defined in the JSON, and returns a list of discovered values for those settings. A single script can be assigned to each policy, and supports discovery of multiple settings.
39
-
- Must be compressed to output results in one line. For example: `$hash = @{ ModelName = "Dell"; BiosVersion = "1.24"; TPMChipPresent = $true}`
37
+
The script deploys to devices as part of your custom compliance policies and runs to discover the settings that are defined by the JSON file that you also provide through custom compliance policy.
38
+
39
+
All discovery scripts:
40
+
41
+
- Are added to Intune before you create a compliance policy. After being added, scripts are available to select when you create a compliance policy with custom settings.
42
+
- Run on a device that receives the compliance policy. The script evaluates the conditions of the JSON file you upload when creating a custom compliance policy.
43
+
- Identify one or more settings, as defined in the JSON, and return a list of discovered values for those settings. A single script can be assigned to each policy, and supports discovery of multiple settings.
44
+
45
+
In addition, the PowerShell script for Windows:
46
+
47
+
- Must be compressed to output results in a single line. For example: `$hash = @{ ModelName = "Dell"; BiosVersion = "1.24"; TPMChipPresent = $true}`
40
48
- Must include the following line at the end of the script: `return $hash | ConvertTo-Json -Compress`
0 commit comments