Skip to content

AnonGoldup/device-sync-myserve

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
Compliance
Compliance
 
 
Intune
Intune
 
 
Inventory
Inventory
 
 
Reporting
Reporting
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

Device Sync and Endpoint Management

PowerShell toolkit for Microsoft Intune device management, inventory reconciliation, compliance reporting, and endpoint monitoring via Microsoft Graph API.

Features

  • Device Compliance Reporting - Query all managed devices and generate compliance summaries with pass/fail rates
  • Remote Device Sync - Trigger sync on all devices or targeted Azure AD groups with batch throttling
  • Device Inventory - Comprehensive hardware and software inventory across the managed fleet
  • Stale Device Detection - Identify and optionally retire devices that haven't checked in
  • AD vs Intune Reconciliation - Compare on-premises Active Directory against Intune enrollment for coverage gaps
  • Non-Compliant Device Analysis - Drill into specific compliance policy failures per device
  • Windows Update Compliance - Track patch levels and update ring assignments across Windows devices
  • HTML Compliance Dashboard - Self-contained HTML dashboard with compliance metrics and device statistics

Scripts

Intune Management

Script Description
Intune/Get-IntuneDeviceCompliance.ps1 Retrieves compliance status for all managed devices with summary statistics
Intune/Sync-IntuneDevices.ps1 Triggers remote sync on all devices or by Azure AD group with batch throttling

Inventory

Script Description
Inventory/Get-DeviceInventory.ps1 Full device inventory - hardware, OS, encryption, storage, enrollment details
Inventory/Get-StaleDevices.ps1 Identifies inactive devices with optional automated retirement
Inventory/Compare-ADvsIntune.ps1 Reconciles AD computer objects against Intune enrollment for coverage analysis

Compliance

Script Description
Compliance/Get-NonCompliantDevices.ps1 Non-compliant device details with specific policy failure reasons
Compliance/Get-WindowsUpdateCompliance.ps1 Windows Update ring compliance and patch level reporting

Reporting

Script Description
Reporting/New-DeviceComplianceDashboard.ps1 Generates self-contained HTML dashboard with compliance metrics

Usage

Generate Compliance Report

.\Intune\Get-IntuneDeviceCompliance.ps1 -ExportPath "C:\Reports\compliance.csv"

Sync All Devices

.\Intune\Sync-IntuneDevices.ps1 -BatchSize 50 -ThrottleDelayMs 3000

Find Stale Devices (90+ Days Inactive)

.\Inventory\Get-StaleDevices.ps1 -DaysInactive 90 -ExportPath "C:\Reports\stale.csv"

Compare AD vs Intune Coverage

.\Inventory\Compare-ADvsIntune.ps1 -SearchBase "OU=Workstations,DC=contoso,DC=com"

Non-Compliant Device Details

.\Compliance\Get-NonCompliantDevices.ps1 -GroupByPolicy

Generate HTML Dashboard

.\Reporting\New-DeviceComplianceDashboard.ps1 -OutputPath "C:\Reports\dashboard.html"

Prerequisites

  • PowerShell 5.1 or PowerShell 7+
  • Microsoft Graph PowerShell SDK (Microsoft.Graph.DeviceManagement)
  • Active Directory PowerShell module (for AD comparison script)
  • Azure AD permissions:
    • DeviceManagementManagedDevices.Read.All
    • DeviceManagementManagedDevices.ReadWrite.All (for device sync/retire)
    • DeviceManagementConfiguration.Read.All (for compliance policies)

License

MIT License

About

PowerShell Intune device management - compliance reporting, inventory reconciliation, stale device detection, HTML dashboards via Microsoft Graph

Topics

automation powershell device-management

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

 
 
 

Contributors

Languages