Intune Win32 & Powershell
I did not find the complete story anywhere so I put this together so it would be easier for others to get PS and Intune making nice.
I expect some familiarity with Intune and Win32 apps, as I will skip most of the pretext.
As most of you know creating Win32 apps one needs to use this project on github. Then just put your stuff in a folder and point the tool at that.
This is the structure I have found works best:
Copy your script into the folder, for this example we just call it Script.ps1.
Create a Run.cmd file in the same folder with the following content:
1 2 3 4 5 6 7 | @echo off IF %PROCESSOR_ARCHITECTURE% == x86 (%SystemRoot%\sysnative\WindowsPowerShell\v1.0\powershell.exe -WindowStyle Hidden -NoProfile -nologo -executionpolicy bypass -file ".\Script.ps1") ELSE (powershell.exe -WindowStyle Hidden -NoProfile -nologo -executionpolicy bypass -file ".\Script.ps1") exit %ERRORLEVEL% |
Make sure there is no lineshift in front of the ELSE statement.
Use the following structure for the Script.ps1:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 | try { [Some Code] [Handle Errors] Write-Error -Message "Error" -ErrorAction Stop -Category OperationStopped [Handle Errors] [Some Code] # All is well Write-Output -InputObject "Success" #exit 0 # Require (soft) reboot exit 3010 } catch { [Error handling code] # Add -1 to the Win32 app as an failed state exit -1 } finally { [clean up] } |
The Exit <value> will set the %ERRORLEVEL% variable in the cmd, and calling exit on this in the cmd will make sure the exit code get’s handed over to Intune.
Another trick the cmd is doing (as intune will run up a 32bit cmd) is to make sure a 64bit PS session will start as I figure there is not many 32bits installations of Win10 left.
Though running in 32 bit PS, stuff like talking to the registry does not work.
Happy tinkering!