Jump to content

Intune Asset Import


Recommended Posts

I am trying out InTune asset import using the runbook provided by @Steve G and it is identifying assets in InTune but then failing to import anything. Before running this I backed up our current asset and then used the Hornbill Clean Up tool to nuke it so their are no assets on our system. 

image.png.2dd9b83d165c2e32bc21b9a335c03a7d.png

Anyone go this runbook work succesfully or offer any guidance/advice?

Link to comment
Share on other sites

@AndyHill,

Does this help you at all?

<#PSScriptInfo
.VERSION 1.0.0
.AUTHOR robert.gething@ipo.gov.uk
.COMPANYNAME UK IPO
.TAGS hornbill powershell intune azure automation workflow runbook
.RELEASENOTES
Initial Release
.DESCRIPTION 
 Azure Automation Runbook to retrieve mobile assets from Intune, and import them into your Hornbill instance CMDB. 
#>
 
#Requires -Module @{ModuleVersion = '1.1.0'; ModuleName = 'HornbillAPI'}
#Requires -Module @{ModuleVersion = '1.1.1'; ModuleName = 'HornbillHelpers'}
 
#Retrieve Microsoft Intune tenant information
$intuneAutomationCredential = Get-AutomationPSCredential -Name IntuneAutomation
$intuneAutomationAppId = Get-AutomationVariable -Name AutomationVar
$tenant = Get-AutomationVariable -Name AzureADTenantId
$Resource = "https://graph.microsoft.com/beta/deviceManagement/managedDevices"
 
# Define Hornbill Params
$AssetClass = "mobileDevice" # Asset Class for Mobile Devices in your Hornbill instance
$AssetType = "11" # Primary Key for the "Smart Phone" asset type in your Hornbill instance
$AssetEntity = "AssetsMobileDevice" # Entity name of the Hornbill entity used to check for existing assets 
$AssetUniqueColumn = "h_serial_number" # Column in the above entity used to check for existing assets
 
#Import Azure AD PowerShell for Graph (GA)
$AadModule = Import-Module -Name AzureAD -ErrorAction Stop -PassThru
 
#Import Hornbill Modules
Import-Module -Name HornbillAPI -ErrorAction Stop -WarningAction silentlyContinue
Import-Module -Name HornbillHelpers -ErrorAction Stop -WarningAction silentlyContinue
 
# Create Hornbill instance details
Set-HB-Instance -Instance (Get-AutomationVariable -Name InstanceID) -Key (Get-AutomationVariable -Name APIKey)
 
#Authenticate with the Graph API REST interface
$adal = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
$adalforms = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
[System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
[System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null
$redirectUri = "urn:ietf:wg:oauth:2.0:oob"
$resourceAppIdURI = "https://graph.microsoft.com"
$authority = "https://login.microsoftonline.com/$tenant"
 
try {
    $authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority 
    # https://msdn.microsoft.com/en-us/library/azure/microsoft.identitymodel.clients.activedirectory.promptbehavior.aspx
    # Change the prompt behaviour to force credentials each time: Auto, Always, Never, RefreshSession
    $platformParameters = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList "Auto"
    $userId = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.UserIdentifier" -ArgumentList ($intuneAutomationCredential.Username, "OptionalDisplayableId")   
    $userCredentials = New-Object Microsoft.IdentityModel.Clients.ActiveDirectory.UserPasswordCredential -ArgumentList $intuneAutomationCredential.Username, $intuneAutomationCredential.Password
    $authResult = [Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContextIntegratedAuthExtensions]::AcquireTokenAsync($authContext$resourceAppIdURI$intuneAutomationAppId$userCredentials);
 
    if ($authResult.Result.AccessToken) {
        $authHeader = @{
            'Content-Type'  = 'application/json'
            'Authorization' = "Bearer " + $authResult.Result.AccessToken
            'ExpiresOn'     = $authResult.Result.ExpiresOn
        }
    }
    elseif ($authResult.Exception) {
        throw "An error occured getting access token: $($authResult.Exception.InnerException)"
    }
}
catch { 
    throw $_.Exception.Message 
}
$LastLoop = $false
$AssetsProcessed = @{
    "created" = 0
    "primaryupdated" = 0
    "relatedupdated" = 0
    "found" = 0
    "totalupdated" = 0
}
while($LastLoop -eq $false -and $Resource -ne "") {
    Write-Output -InputObject ("Retrieving devices from: " + $Resource)
    $ManagedDevices = Invoke-RestMethod -Uri $Resource -Method Get -Headers $authHeader
 
    $DeviceCount = 0
    if($ManagedDevices.PSobject.Properties.name -match "@odata.count") {
        $DeviceCount = $ManagedDevices."@odata.count"
    }
    $Resource = ""
    if($ManagedDevices.PSobject.Properties.name -match "@odata.nextLink") {
        $Resource = $ManagedDevices."@odata.nextLink"
    }
 
    if($DeviceCount -eq 0) {
        $LastLoop = $true
    } else {
        $DevicesArr = $ManagedDevices.Value
        if($null -ne $DevicesArr) {
            foreach($Device in $DevicesArr){
                $AssetsProcessed.found++
                #Set Date/Time
                $CurrDateTime = Get-Date -format "yyyy/MM/dd HH:mm:ss"
                #Does asset exist?
                $AssetIDCheck = Get-HB-AssetID $Device.serialNumber $AssetEntity $AssetUniqueColumn
                if$null -ne $AssetIDCheck.AssetID) {
                    Write-Output -InputObject ("Asset already exists, updating: " + $AssetIDCheck.AssetID)
                    $UpdatedPrimary = $false
                    $UpdatedRelated = $false
                    #Asset Exists - Update Primary Entity Data First
                    Add-HB-Param        "application" "com.hornbill.servicemanager"
                    Add-HB-Param        "entity" "Asset"
                    Add-HB-Param        "returnModifiedData" "true"
                    Open-HB-Element     "primaryEntityData"
                    Open-HB-Element     "record"
                    Add-HB-Param        "h_pk_asset_id" $AssetIDCheck.AssetID
                    Add-HB-Param        "h_class" $AssetClass
                    Add-HB-Param        "h_asset_urn" ("urn:sys:entity:com.hornbill.servicemanager:Asset:"+$AssetIDCheck.AssetID)
                    if($null -ne $Device.userDisplayName -and $null -ne $Device.userPrincipalName) {
                        $OwnerURN = "urn:sys:0:" + $Device.userDisplayName + ":" + $Device.userPrincipalName
                        Add-HB-Param        "h_owned_by" $OwnerURN
                        Add-HB-Param        "h_owned_by_name" $Device.userDisplayName
                    }
                    Add-HB-Param        "h_name" $Device.deviceName
                    Add-HB-Param        "h_description" $Device.managedDeviceName
                    Close-HB-Element    "record"
                    Close-HB-Element    "primaryEntityData"
                    $UpdateAsset = Invoke-HB-XMLMC "data" "entityUpdateRecord"
 
                    if($UpdateAsset.status -eq 'ok' -and $UpdateAsset.params.primaryEntityData.PSobject.Properties.name -match "record") {
                        $UpdatedPrimary = $true
                        $AssetsProcessed.primaryupdated++
                        Write-Output -InputObject ("Asset Primary Record Updated: " + $AssetIDCheck.AssetID)
                    } else {
                        $ErrorMess = $UpdateAsset.error
                        if($UpdateAsset.params.primaryEntityData.PSobject.Properties.name -notmatch "record") {
                            $ErrorMess = "There are no values to update" 
                        }
                        Write-Warning ("Error Updating Primary Asset Record " + $AssetIDCheck.AssetID + ": " + $ErrorMess)
                    }
 
                    # Now update related record information
                    Add-HB-Param        "application" "com.hornbill.servicemanager"
                    Add-HB-Param        "entity" "Asset"
                    Add-HB-Param        "returnModifiedData" "true"
                    Open-HB-Element     "primaryEntityData"
                    Open-HB-Element     "record"
                    Add-HB-Param        "h_pk_asset_id" $AssetIDCheck.AssetID
                    Close-HB-Element    "record"
                    Close-HB-Element    "primaryEntityData"
                    Open-HB-Element     "relatedEntityData"
                    Add-HB-Param        "relationshipName" "AssetClass"
                    Add-HB-Param        "entityAction" "update"
                    Open-HB-Element     "record"
                    Add-HB-Param        "h_type" $AssetType
                    Add-HB-Param        "h_capacity" $Device.totalStorageSpaceInBytes
                    Add-HB-Param        "h_description" $Device.managedDeviceName
                    Add-HB-Param        "h_imei_number" $Device.imei
                    Add-HB-Param        "h_mac_address" $Device.wiFiMacAddress
                    Add-HB-Param        "h_manufacturer" $Device.manufacturer
                    Add-HB-Param        "h_model" $Device.model
                    Add-HB-Param        "h_name" $Device.deviceName
                    Add-HB-Param        "h_os_version" ($Device.operatingSystem + " " + $Device.osVersion)
                    Add-HB-Param        "h_phone_number" $Device.phoneNumber
                    Add-HB-Param        "h_serial_number" $Device.serialNumber
                    Close-HB-Element    "record"
                    Close-HB-Element    "relatedEntityData"
                    $UpdateAssetRelated = Invoke-HB-XMLMC "data" "entityUpdateRecord"
                    if($UpdateAssetRelated.status -eq 'ok') {
                        $UpdatedRelated = $true
                        $AssetsProcessed.relatedupdated++
                        Write-Output -InputObject ("Asset Related Record Updated: " + $AssetIDCheck.AssetID)
                    } else {
                        Write-Warning ("Error Updating Related Asset Record " + $AssetIDCheck.AssetID + ": " + $UpdateAssetRelated.error)
                    }
 
                    if($UpdatedPrimary -eq $true -or $UpdatedRelated -eq $true) {
                        $AssetsProcessed.totalupdated++
                        #Update Last Udated fields
                        Add-HB-Param        "application" "com.hornbill.servicemanager"
                        Add-HB-Param        "entity" "Asset"
                        Open-HB-Element     "primaryEntityData"
                        Open-HB-Element     "record"
                        Add-HB-Param        "h_pk_asset_id" $AssetIDCheck.AssetID
                        Add-HB-Param        "h_last_updated" $CurrDateTime
                        Add-HB-Param        "h_last_updated_by" "Azure Intune Import"
                        Close-HB-Element    "record"
                        Close-HB-Element    "primaryEntityData"
                        $UpdateLastAsset = Invoke-HB-XMLMC "data" "entityUpdateRecord"
                        if($UpdateLastAsset.status -ne 'ok') {
                            Write-Warning ("Asset updated but error returned updating Last Updated values: " + $UpdateLastAsset.error)    
                        }
                    }
 
                } else {
                    #Asset doesn't exist - Add
                    Add-HB-Param        "application" "com.hornbill.servicemanager"
                    Add-HB-Param        "entity" "Asset"
                    Add-HB-Param        "returnModifiedData" "true"
                    Open-HB-Element     "primaryEntityData"
                    Open-HB-Element     "record"
                    Add-HB-Param        "h_class" $AssetClass
                    Add-HB-Param        "h_type" $AssetType
                    Add-HB-Param        "h_last_updated" $CurrDateTime
                    Add-HB-Param        "h_last_updated_by" "Azure Intune Import"
                    if($null -ne $Device.userDisplayName -and $null -ne $Device.userPrincipalName) {
                        $OwnerURN = "urn:sys:0:" + $Device.userDisplayName + ":" + $Device.userPrincipalName
                        Add-HB-Param        "h_owned_by" $OwnerURN
                        Add-HB-Param        "h_owned_by_name" $Device.userDisplayName
                    }
                    Add-HB-Param        "h_name" $Device.deviceName
                    Add-HB-Param        "h_description" $Device.managedDeviceName
                    Close-HB-Element    "record"
                    Close-HB-Element    "primaryEntityData"
                    Open-HB-Element     "relatedEntityData"
                    Add-HB-Param        "relationshipName" "AssetClass"
                    Add-HB-Param        "entityAction" "insert"
                    Open-HB-Element     "record"
                    Add-HB-Param        "h_type" $AssetType
                    Add-HB-Param        "h_capacity" $Device.totalStorageSpaceInBytes
                    Add-HB-Param        "h_description" $Device.managedDeviceName
                    Add-HB-Param        "h_imei_number" $Device.imei
                    Add-HB-Param        "h_mac_address" $Device.wiFiMacAddress
                    Add-HB-Param        "h_manufacturer" $Device.manufacturer
                    Add-HB-Param        "h_model" $Device.model
                    Add-HB-Param        "h_name" $Device.deviceName
                    Add-HB-Param        "h_os_version" ($Device.operatingSystem + " " + $Device.osVersion)
                    Add-HB-Param        "h_phone_number" $Device.phoneNumber
                    Add-HB-Param        "h_serial_number" $Device.serialNumber
                    Close-HB-Element    "record"
                    Close-HB-Element    "relatedEntityData"
                    $InsertAsset = Invoke-HB-XMLMC "data" "entityAddRecord"
                    if($InsertAsset.status -eq 'ok') {
                        $AssetsProcessed.created++
                        Write-Output -InputObject ("Asset Imported: " + $InsertAsset.params.primaryEntityData.record.h_pk_asset_id)
                        #Now update the asset with its URN
                        Add-HB-Param        "application" "com.hornbill.servicemanager"
                        Add-HB-Param        "entity" "Asset"
                        Open-HB-Element     "primaryEntityData"
                        Open-HB-Element     "record"
                        Add-HB-Param        "h_pk_asset_id" $InsertAsset.params.primaryEntityData.record.h_pk_asset_id
                        Add-HB-Param        "h_asset_urn" ("urn:sys:entity:com.hornbill.servicemanager:Asset:"+$InsertAsset.params.primaryEntityData.record.h_pk_asset_id)
                        Close-HB-Element    "record"
                        Close-HB-Element    "primaryEntityData"
                        $UpdateAsset = Invoke-HB-XMLMC "data" "entityUpdateRecord"
                        if($UpdateAsset.status -eq 'ok') {
                        } else {
                            Write-Warning ("Error Updating Asset URN: " + $UpdateAsset.error)    
                        }
 
                    } else {
                        Write-Warning ("Error Creating Asset: " + $InsertAsset.error)
                    }
                }
            }
        }
    }
}
""
"IMPORT COMPLETE"
Write-Output -InputObject ("Assets Found:" + $AssetsProcessed.found)
Write-Output -InputObject ("Assets Created:" + $AssetsProcessed.created)
Write-Output -InputObject ("Assets Updated:" + $AssetsProcessed.created)
Write-Output -InputObject ("* Primary Record Updated:" + $AssetsProcessed.primaryupdated)
Write-Output -InputObject ("* Related Record Updated:" + $AssetsProcessed.relatedupdated)
Link to comment
Share on other sites

  • 2 weeks later...

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
×
×
  • Create New...