Jump to content


Sign in to follow this  
anyweb

How can I send notification messages using PowerShell in Microsoft Intune

Recommended Posts

Introduction

Occasionally you want to inform users about something, such as the need to update or install software, and the easiest way to do that is with some sort of a popup notification. The ability to do that in Microsoft Intune is not currently available in the product although it is a Uservoice item in progress. In the meantime however, if you need to send a notification to users of Windows devices in Microsoft Intune, it's possible using PowerShell and here's how to do it.

The idea here is that you can customize the PowerShell script to deliver the message you want (and if necessary take possible actions, however you need to add your custom code to the script and it must not exceed 200KB). the screenshots below are taken on a Windows 10 version 1709 device enrolled into Intune, the device is logged on as a user with normal permissions (not an Administrator) and this was configured with Windows AutoPilot.

Note: The Intune management extension which is used to run the PowerShell script has the following prerequisites:

  • Devices must be joined to Azure AD
  • Devices must run Windows 10, version 1607 or later

Step 1. Download the script

Download the DisplayMessageInIntune.ps1 script.

DisplayMessageInIntune.zip

Step 2. Edit the script in ISE

Launch PowerShell ISE and open the extracted downloaded script. Scroll down to the following values. The values are currently set as PowerShell Parameters with the hope that the current functionality in Microsoft Intune will support Params with PowerShell scripts in the future (I've requested this ability as a DCR to Microsoft directly). If this ability does come to Intune then I will blog an update to this post explaining how to make it dynamic.

parameters.png

When you've changed the message title and message body, you might also want to change the Type and Option available to the user, below are the values you can configure.

$Option can be any of the following values

"OK"
"OKCancel"
"AbortRetryIgnore"
"YesNoCancel"
"YesNo"
"RetryCancel"

$Type can be any of the following values

"Asterisk"
"Error"
"Exclamation"
"Hand"
"Information"
"None"
"Question"
"Stop"
"Warning "


Finally after line 69 you can add any additional code you want, for example to check what key was pressed etc.

Step 3. Upload the script to Microsoft Intune

In the Intune service in Azure select Device Configuration and click on PowerShell Scripts.

device configuration.png

In PowerShell scripts, click on Add.

Enter the following values:

Name: "Display a message in Intune"

Description: "Using PowerShell to messages in Intune"

Script location: DisplayMessageInIntune.ps1

upload script.png

Next click on Settings, Configure to see the options available, 

configure script settings.png

Change the first option so that the script runs with the same permissions as the logged on user.

run as user.png

Click OK when done and then click on Create to create the PowerShell script in Intune.

assign powershell.png

Next click on Assignments to assign the PowerShell script to a Group of Users.

To do that, click on Select Groups and then select a Group of Users that you'd like to assign this to.

assignments.png

Next click on Save to save this group.

save.png

Step 4. Review what happens on a Windows device

On a Windows device, logon using the credentials of a user that is in the selected group that you assigned the PowerShell script to.

Tip: You can restart the Microsoft Intune Management Extension service (as a user account with Administrator permissions) rather than wait one hour for that extension service to run the PowerShell script.

restart the microsoft intune management service.png

Note: Your users don't need to do the service restart, this is just so you get instant gratification and can review the end-result.

After the policy is received the message popup is displayed on top of all windows.

this is a popup message.png

result !

Troubleshooting

You can review 2 logs files, one is the log file for Microsoft Intune Management Extension:

C:\ProgramData\Microsoft\IntuneManagementExtension\Logs\IntuneManagementExtension.log

intune management extension log.png

and the other is generated by the PowerShell script itself:

C:\Windows\Temp\DisplayMessageInIntune.log

DisplayMessageInIntune log.png

Recommended reading

DisplayMessageInIntune.zip

Share this post


Link to post
Share on other sites


Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Loading...
Sign in to follow this  

×
×
  • Create New...