Inconsistent Intune PowerShell module results

If you run the command:

get-intuneconfigurationpolicy

you’d except to see all your Intune configuration policies displayed.

image

However, after connecting to the Microsoft Graph module you see that nothing is returned. My experience has also been receiving incomplete results using these commands.

image

What I have found is that using the Microsoft Graph directly by using commands like:

$uri = “https://graph.microsoft.com/beta/deviceManagement/deviceConfigurations/”

(Invoke-MSGraphRequest -Url $URI -HttpMethod GET).value

produces the desired results as shown above in the same environment.

So my tip is when working with Intune and Endpoint Manager with PowerShell is, use the Microsoft Grah directly to obtain and set the information you need.


Go get Defender EASM

As the MS documentation says:

Microsoft Defender External Attack Surface Management (Defender EASM) continuously discovers and maps your digital attack surface to provide an external view of your online infrastructure.

Basically you plug in your resources like:

  • Domains

  • Hostnames

  • Web Pages

  • IP Blocks

  • IP Addresses

  • ASNs

  • SSL Certificates

  • WHOIS Contacts

Defender EASM will then use these as a ‘seed’ to search through public information and report back.

Screenshot of Overview Dashboard

You’ll then discover not only if you have any vulnerabilities in things like routers, web sites, etc but you’ll also probably find a whole swag of information that you didn’t know was out there.

In short, Defender EASM, acts as kind of a scheduled ‘penetration test’ for your environment, which I think is super handy

image

As you can see above, it ain’t very expensive either! To me that makes it a no-brainer. In my environment I have 40 odd discovered assets making the cost 64 cents a day and just over $19 per month! Peanuts for what it provides. Best of all, you also get a a free 30 day trial to see what it is all about.

Like Microsoft Sentinel back in the day, it is still early days for this service and I expect it to improve rapidly so now is the time to jump on board and start using it to get a feel for what it is all about. I certain have, and I encourage you to do the same.

Microsoft has documentation here:

Defender EASM Overview

if you want to read more.

CIAOPS Need to Know Microsoft 365 Webinar – August

laptop-eyes-technology-computer

Join me for the free monthly CIAOPS Need to Know webinar. Along with all the Microsoft Cloud news we’ll be taking a look at Teams Shared Channels in Microsoft 365.

Shortly after registering you should receive an automated email from Microsoft Teams confirming your registration, including all the event details as well as a calendar invite.

You can register for the regular monthly webinar here:

August Webinar Registrations

(If you are having issues with the above link copy and paste – https://bit.ly/n2k2208 – into your browser or scan this QR code)

QR Code

The details are:

CIAOPS Need to Know Webinar – August 2022
Friday 26th of August 2022
11.00am – 12.00am Sydney Time

All sessions are recorded and posted to the CIAOPS Academy.

The CIAOPS Need to Know Webinars are free to attend but if you want to receive the recording of the session you need to sign up as a CIAOPS patron which you can do here:

http://www.ciaopspatron.com

or purchase them individually at:

http://www.ciaopsacademy.com/

Also feel free at any stage to email me directly via director@ciaops.com with your webinar topic suggestions.

I’d also appreciate you sharing information about this webinar with anyone you feel may benefit from the session and I look forward to seeing you there.