0

Here is the code that I created but not working.

Define variables, here I created all the variables for the script.

$SourceFolder = "E:\Temp2\PowershellScript\IntuneWin32App-Tool\DummyApp"  # Folder containing the app installer
$SetupFile = "7z2409-x64.msi"              # Name of the installer file
$SetfileName = [System.IO.Path]::GetFileNameWithoutExtension($SetupFile)
$OutputFolder = "E:\Temp2\PowershellScript\IntuneWin32App-Tool\IntuneWin32App_Output\$AppName"       # Folder to save the .intunewin file
$IntuneWinToolPath = "E:\Tools\IntuneWinAppUtil.exe" # Path to IntuneWinAppUtil.exe
#$IconPath = "C:\Path\To\Icon.png"         # Path to the application icon
#$DetectionScriptPath = "C:\Path\To\DetectionScript.ps1" # Path to custom detection script

Step 1: Package the application into .intunewin format

Start-Process -FilePath $IntuneWinToolPath -ArgumentList @("-c", $SourceFolder, "-s", $SetupFile, "-o", $OutputFolder, "-q") -Wait -WindowStyle Hidden
Write-Host "Intunewin file created under $OutputFolder"

Step 2: Authenticate with Microsoft Graph API

$TenantId = "YourTenantID"
$ClientId = "YourClientID"
$ClientSecret = "YourClientSecret"

$Body = @{
    grant_type    = "client_credentials"
    client_id     = $ClientId
    client_secret = $ClientSecret
    scope         = "https://graph.microsoft.com/.default"
}

$TokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token" -Method Post -Body $Body
$AccessToken = $TokenResponse.access_token

Step 3: Upload the .intunewin file to Intune

$IntuneWinFilePath = Join-Path -Path $OutputFolder -ChildPath "$SetfileName.intunewin"
$FileContent = [System.IO.File]::ReadAllBytes($IntuneWinFilePath)
$EncodedContent = [Convert]::ToBase64String($FileContent)

$Headers = @{
    "Authorization" = "Bearer $AccessToken"
    "Content-Type"  = "application/json"
}

$AppMetadata = @{
    displayName = $AppName
    description = "Description of your app"
    publisher   = "Your Publisher"
    isFeatured  = $false
    informationUrl = "https://yourappwebsite.com"
    privacyInformationUrl = "https://yourappwebsite.com/privacy"
    installCommandLine = "msiexec /i $SetupFile /qn"
    uninstallCommandLine = "msiexec /x $SetupFile /qn"
}

$MetadataResponse = Invoke-RestMethod -Uri "https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps" -Method Post -Headers $Headers -Body ($AppMetadata | ConvertTo-Json -Depth 10)

Write-Host "Application uploaded successfully!"

Step 4: Upload Icon

$IconContent = [System.IO.File]::ReadAllBytes($IconPath)
$EncodedIcon = [Convert]::ToBase64String($IconContent)

$IconMetadata = @{
    icon = $EncodedIcon
}

Invoke-RestMethod -Uri "https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/$($MetadataResponse.id)/icon" -Method Patch -Headers $Headers -Body ($IconMetadata | ConvertTo-Json -Depth 10)

Write-Host "Icon uploaded successfully!"

Step 5: Configure Detection Method

$DetectionChoice = Read-Host "Enter choice"

if ($DetectionChoice -eq "1") {
    $DetectionRule = @{
        detectionType = "file"
        path = "C:\Program Files\$AppName"
        fileOrFolderName = "$AppName.exe"
    }
} elseif ($DetectionChoice -eq "2") {
    $DetectionRule = @{
        detectionType = "registry"
        keyPath = "HKLM\SOFTWARE\$AppName"
        valueName = "Version"
    }
} elseif ($DetectionChoice -eq "3") {
    Write-Host "Using custom detection script..."
    $ScriptContent = [System.IO.File]::ReadAllBytes($DetectionScriptPath)
    $EncodedScript = [Convert]::ToBase64String($ScriptContent)

    $DetectionRule = @{
        detectionType = "script"
        scriptContent = $EncodedScript
    }
} else {
    Write-Host "Invalid choice. Defaulting to file detection."
    $DetectionRule = @{
        detectionType = "file"
        path = "C:\Program Files\$AppName"
        fileOrFolderName = "$AppName.exe"
    }
}

Invoke-RestMethod -Uri "https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/$($MetadataResponse.id)/detectionRules" -Method Post -Headers $Headers -Body ($DetectionRule | ConvertTo-Json -Depth 10)

Write-Host "Detection method configured successfully!"

Can someone help to get it fixed, I have already created the App registration with appropriate permissions. Thanks you!

Error: Bad request 404 at the Invoke-request command line. Unautorized access.

Improve this question
1
  • You said it fails at the invoke-request command but where exactly in your code is it failing? Please send the full response body of the error(you'll likely need to use postman to get this) Commented Jun 18 at 1:52
Related questions
1103
How to run a PowerShell script
1116
How do you comment out code in PowerShell?
997
How do I concatenate strings and variables in PowerShell?
Load 7 more related questions Show fewer related questions

0

Reset to default

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.