anyweb Posted February 1, 2018 Report post Posted February 1, 2018 Introduction Occasionally you want to inform users about something, such as the need to update or install software, and the easiest way to do that is with some sort of a popup notification. The ability to do that in Microsoft Intune is not currently available in the product although it is a Uservoice item in progress. In the meantime however, if you need to send a notification to users of Windows devices in Microsoft Intune, it's possible using PowerShell and here's how to do it. The idea here is that you can customize the PowerShell script to deliver the message you want (and if necessary take possible actions, however you need to add your custom code to the script and it must not exceed 200KB). the screenshots below are taken on a Windows 10 version 1709 device enrolled into Intune, the device is logged on as a user with normal permissions (not an Administrator) and this was configured with Windows AutoPilot. Note: The Intune management extension which is used to run the PowerShell script has the following prerequisites: Devices must be joined to Azure AD Devices must run Windows 10, version 1607 or later Step 1. Download the script Download the DisplayMessageInIntune.ps1 script. DisplayMessageInIntune.zip Step 2. Edit the script in ISE Launch PowerShell ISE and open the extracted downloaded script. Scroll down to the following values. The values are currently set as PowerShell Parameters with the hope that the current functionality in Microsoft Intune will support Params with PowerShell scripts in the future (I've requested this ability as a DCR to Microsoft directly). If this ability does come to Intune then I will blog an update to this post explaining how to make it dynamic. When you've changed the message title and message body, you might also want to change the Type and Option available to the user, below are the values you can configure. $Option can be any of the following values "OK" "OKCancel" "AbortRetryIgnore" "YesNoCancel" "YesNo" "RetryCancel" $Type can be any of the following values "Asterisk" "Error" "Exclamation" "Hand" "Information" "None" "Question" "Stop" "Warning " Finally after line 69 you can add any additional code you want, for example to check what key was pressed etc. Step 3. Upload the script to Microsoft Intune In the Intune service in Azure select Device Configuration and click on PowerShell Scripts. In PowerShell scripts, click on Add. Enter the following values: Name: "Display a message in Intune" Description: "Using PowerShell to messages in Intune" Script location: DisplayMessageInIntune.ps1 Next click on Settings, Configure to see the options available, Change the first option so that the script runs with the same permissions as the logged on user. Click OK when done and then click on Create to create the PowerShell script in Intune. Next click on Assignments to assign the PowerShell script to a Group of Users. To do that, click on Select Groups and then select a Group of Users that you'd like to assign this to. Next click on Save to save this group. Step 4. Review what happens on a Windows device On a Windows device, logon using the credentials of a user that is in the selected group that you assigned the PowerShell script to. Tip: You can restart the Microsoft Intune Management Extension service (as a user account with Administrator permissions) rather than wait one hour for that extension service to run the PowerShell script. Note: Your users don't need to do the service restart, this is just so you get instant gratification and can review the end-result. After the policy is received the message popup is displayed on top of all windows. result ! Troubleshooting You can review 2 logs files, one is the log file for Microsoft Intune Management Extension: C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log and the other is generated by the PowerShell script itself: C:\Windows\Temp\DisplayMessageInIntune.log Note: If you want to display the message to a user in SYSTEM context then download serviceUI.exe from the MDT toolkit and launch powershell with that exe, like so... and create a Win32 App instead of using a PowerShell script option. ServiceUI.exe -process:explorer.exe %SYSTEMROOT%\System32\WindowsPowerShell\v1.0\powershell.exe -NoProfile -WindowStyle Hidden -ExecutionPolicy Bypass -File DisplayMessageInIntune.ps1 Recommended reading https://docs.microsoft.com/en-us/intune/intune-management-extension https://oliverkieselbach.com/2017/11/29/deep-dive-microsoft-intune-management-extension-powershell-scripts/ https://www.petervanderwoude.nl/post/combining-the-powers-of-the-intune-management-extension-and-chocolatey/ Quote Share this post Link to post Share on other sites More sharing options...
Vijayasekhar Naidu Posted November 21, 2019 Report post Posted November 21, 2019 Thank you, I observed that Script settings is "Run this script using the logged on credentials" = "Yes ". My requirement is postpone the app installation using AppdeploymentToolKit(CodePlex). Zoom is the application which is going to upgrade ( uninstall old version and install new version) & this is the core application, so all machines having it. To execute this application administrative rights required. So using above Script settings can't keep "Yes". Is there any other way to provide pop-up message box from Intune. Note: I am using Powershell AppDeploymentToolKit. Quote Share this post Link to post Share on other sites More sharing options...
sjmckeeman Posted January 9, 2020 Report post Posted January 9, 2020 This looks very useful for a case I have. Is the script still available somewhere? Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted January 9, 2020 Report post Posted January 9, 2020 it's still here, just click on the download (it's only available to logged in registered members) Quote Share this post Link to post Share on other sites More sharing options...
RR874 Posted October 21, 2022 Report post Posted October 21, 2022 When we click on the download on that script it says the script is not available. Quote Share this post Link to post Share on other sites More sharing options...
anyweb Posted October 21, 2022 Report post Posted October 21, 2022 please see my reply above yours Quote Share this post Link to post Share on other sites More sharing options...
petergroft Posted March 13 Report post Posted March 13 Send a custom notification to groups 1. Sign in to the Microsoft Intune admin center with an account that has permission to create and send notifications, and go to Tenant administration > Custom notifications. 2. On the Basics tab, specify the following and then select Next to continue. Title – Specify a title for this notification. Titles are limited to 50 characters. Body – Specify the message. Messages are limited to 500 characters. 3. On the Assignments tab, select the groups to which you'd like to send this custom notification and then select Next to continue. Sending a notification to a group will target only the users of that group; the notification will go to all iOS/iPad OS and Android devices enrolled by that user. 4. On the Review + Create tab, review the information, and when ready to send the notification, select Create. Greetings, Peter Quote Share this post Link to post Share on other sites More sharing options...
