Get-IntuneAppAssignments

1.0

Get-IntuneAppAssignments.ps1

                                
<#PSScriptInfo

.VERSION 1.0

.GUID d295cb9c-f4ed-4431-824b-3a80ca91fc3c

.AUTHOR Will

.COMPANYNAME Me

.COPYRIGHT

.TAGS Intune,Apps, Assignments

.LICENSEURI

.REQUIREDMODULES

.RELEASENOTES

### Version 1.0 ###

- First upload of script file.

#>

<#

.DESCRIPTION

 Will attempt to get applications and their assignments from intune.

#>

[CmdletBinding()]

param (

    [Parameter()]

    [string]$tenantID

)

begin {

    function checkgroupID($group) {

        <#

        .SYNOPSIS

            Function takes in the group ID and checks it against the All Users and All Devices group IDs.

            If it does not match either group ID it will check the variable $allAADGroups for the group ID and use that instead.

        #>

        switch ($group) {

            { $groupId -eq 'acacacac-9df4-4c7d-9d50-4ef0226f57a9' } { "All Users" }

            { $groupId -eq 'adadadad-808e-44e2-905a-0b7873a8a531' } { "All Devices" }

            default { ($allAADGroups | Where-Object Id -like $groupId | Select-Object DisplayName).DisplayName }

        }

    }

    #   Connect to Graph   #

    $mggraphScopes = @(

        "DeviceManagementApps.Read.All",

        "Group.Read.All",

        "DeviceManagementApps.Read.All"

    )

    if (!$tenantID) {

        Connect-MgGraph -Scopes $mggraphScopes -NoWelcome

    }

    else {

        Connect-MgGraph -Scopes $mggraphScopes -tenantId $tenantID -NoWelcome

    }

    $allAADGroups = Get-MgGroup -All

    $applications = invoke-MgGraphRequest -Method GET `

        -Uri 'https://graph.microsoft.com/beta/deviceAppManagement/mobileApps' -OutputType PSObject

}

process {

    # Set the Count for the progress timer.

    $count = 0

    $output = @()

    foreach ($application in $applications.value) {

        # Writes the progress bar to console.

        Write-Progress -PercentComplete ($count / $applications.value.count * 100) `

            -Status "Processing Apps..." `

            -Activity "Checking $count of $($applications.value.count) for assignments..."

        # This gets the assignment IDs for the current application in the loop.

        $assignmentIDs = Invoke-MgGraphRequest -Method GET `

            -Uri "https://graph.microsoft.com/v1.0/deviceAppManagement/mobileApps/$($application.Id)/assignments"

        # This loops through each assignment and creates a new object with the relevant information in it.

        foreach ($assignment in $assignmentIDs.value) {

            # The IDs come in a strange format, this removes the crap.

            $groupId = $assignment.Id.Split("_")[0]

                $output += [PSCustomObject]@{

                ID          = $application.Id

                DisplayName = $application.DisplayName

                Type        = $application.'@odata.type'

                Assignment  = $groupId | checkgroupID # This references the function towards the top of the scripts.

                Intent      = $assignment.Intent

            }

        }

        Start-Sleep -Milliseconds 50

        $count++

    }

    Write-Progress -Activity "Checking $count of $($applications.Count) for assignments..." -Completed

}

end {

    return $output

}