Generate-IntuneAnomaliesReport

0.2

This PowerShell script connects to Microsoft Graph API and generates a comprehensive interactive HTML report that identifies various anomalies and potential issues in your Microsoft Intune environment. The script performs deep analysis of managed Windows devices and provides actionable insights for IT administrators to maintain optimal device management and security.
This PowerShell script connects to Microsoft Graph API and generates a comprehensive interactive HTML report that identifies various anomalies and potential issues in your Microsoft Intune environment. The script performs deep analysis of managed Windows devices and provides actionable insights for IT administrators to maintain optimal device management and security.

Key Features:
- Application Failure Analysis: Identifies applications with high failure rates that may indicate packaging or deployment issues
- Multi-User Device Detection: Locates user-driven devices with multiple logged-on users that should be re-enrolled as shared devices
- Encryption Status Monitoring: Reports devices without BitLocker encryption, highlighting significant security risks
- Autopilot Hash Validation: Identifies non-company owned devices missing hardware hash registration in Autopilot
- Inactive Device Tracking: Lists devices that haven't contacted Intune in 90+ days for cleanup consideration
- Compliance Policy Violations: Provides detailed breakdown of non-compliant devices with specific violation reasons
- OS Edition Overview: Displays operating system editions across the environment for license optimization opportunities
- Disabled User Detection: Identifies devices assigned to disabled Microsoft Entra ID user accounts

The generated HTML report features:
- Interactive dashboard with advanced filtering capabilities for each anomaly category
- Dark/light theme support with automatic system preference detection
- Export functionality (Excel, CSV, PDF, Print) for all data tables
- Responsive design that works across all modern web browsers
- Real-time search and pagination for large datasets
- Visual statistics cards showing anomaly counts at a glance

Authentication Methods Supported:
- Interactive browser-based authentication for interactive sessions
- Service principal authentication using client secret for automated scenarios
- Certificate-based authentication for enhanced security in production environments
- Managed identity authentication for Azure-hosted automation (Azure Automation, Functions, etc.)
- Access token authentication for custom authentication workflows

The script includes email functionality to automatically distribute reports to stakeholders with detailed HTML content and the interactive report as an attachment. All data collection is optimized for performance with efficient Graph API calls and proper error handling.


Show more

Installation Options

Copy and Paste the following command to install this package using PowerShellGet More Info

Install-Script -Name Generate-IntuneAnomaliesReport -RequiredVersion 0.2

Copy and Paste the following command to install this package using Microsoft.PowerShell.PSResourceGet More Info

You can deploy this package directly to Azure Automation. Note that deploying packages with dependencies will deploy all the dependencies to Azure Automation. Learn More

Manually download the .nupkg file to your system's default download location. Note that the file won't be unpacked, and won't include any dependencies. Learn More

Owners

Copyright

(c) 2025 Roy Klooster - RK Solutions. All rights reserved.

Package Details

Author(s)

  • Roy KLooster

Tags

RKSolutions Microsoft365 MicrosoftIntune MicrosoftEntraID MicrosoftGraph DeviceManagement Compliance Autopilot BitLocker Reporting

Functions

New-IntuneAnomaliesHTMLReport Invoke-GraphRequestWithPaging Install-Requirements Connect-ToMgGraph Get-AllDeviceData Get-OperatingSystemProductType Get-OSFriendlyName Convert-Size Get-ApplicationFailures Get-AutopilotProfilesInformation Send-EmailWithAttachment

Dependencies

This script has no dependencies.

Release Notes

0.1 - Initial version of the script providing comprehensive Intune anomalies reporting functionality.
Features include: Application failure analysis, multiple user detection on single-user devices,
encryption status monitoring, Autopilot hash validation, inactive device tracking,
compliance policy violation details, OS edition overview, and disabled user detection.
Supports multiple authentication methods and email functionality with interactive HTML reports.
0.2 - Filtered out the "Managed by MDE". Otherwise you get inconsistant information

FileList

Version History

Version Downloads Last updated
0.4 6 6/20/2025
0.3 41 6/18/2025
0.2 (current version) 244 6/13/2025
0.1 12 6/13/2025