public async System.Threading.Tasks.Task <FileResult> DownloadDeviceManagementScript(String Id)
{
GraphIntune graphIntune = new GraphIntune(null);
DeviceManagementScript script = await graphIntune.GetDeviceManagementScriptAsync(Id);
return(File(script.ScriptContent, "text/plain", script.FileName));
}
public async Task <DeviceManagementScript> Create(DeviceManagementScript deviceScript)
{
var request = _serializationHelper.Serialize(deviceScript);
var response = await _connector.SendPostRequest(BaseResource, request);
return(_serializationHelper.Deserialize <DeviceManagementScript>(response));
}
public async Task <DeviceManagementScript> GetDeviceManagementScriptAsync(string Id)
{
var resource = graphServiceClient.DeviceManagement.DeviceManagementScripts[Id].Request();
signalRMessage.sendMessage($"GET: {resource.RequestUrl}");
DeviceManagementScript deviceManagementScript = await resource.GetAsync();
return(deviceManagementScript);
}
public static async Task <DeviceManagementScript> GetDeviceManagementScriptAsync(string Id)
{
var graphClient = GetAuthenticatedClient();
DeviceManagementScript deviceManagementScript = await graphClient
.DeviceManagement.DeviceManagementScripts[Id]
.Request()
.GetAsync();
return(deviceManagementScript);
}
public async Task <DeviceManagementScript> AddDeviceManagementScriptAsync(DeviceManagementScript deviceManagementScript)
{
deviceManagementScript.Id = null;
var resource = graphServiceClient.DeviceManagement.DeviceManagementScripts.Request();
signalRMessage.sendMessage($"POST: {resource.RequestUrl}");
var response = await resource.AddAsync(deviceManagementScript);
signalRMessage.sendMessage($"Success: added {response.ODataType} '{response.DisplayName}'");
return(response);
}
public async Task <DeviceManagementScript> PatchDeviceManagementScriptAsync(DeviceManagementScript deviceManagementScript)
{
deviceManagementScript.LastModifiedDateTime = null;
deviceManagementScript.CreatedDateTime = null;
var resource = graphServiceClient.DeviceManagement.DeviceManagementScripts[deviceManagementScript.Id].Request();
signalRMessage.sendMessage($"PATCH: {resource.RequestUrl}");
var response = await resource.UpdateAsync(deviceManagementScript);
signalRMessage.sendMessage($"Success: updated {response.ODataType} '{response.DisplayName}'");
return(response);
}
public async Task <ActionResult> DownloadDeviceManagementScript(String Id)
{
try
{
GraphIntune graphIntune = new GraphIntune(null);
DeviceManagementScript script = await graphIntune.GetDeviceManagementScriptAsync(Id);
return(File(script.ScriptContent, "text/plain", script.FileName));
}
catch (ServiceException e)
{
Flash(e.Error.Message);
return(RedirectToAction("Index", "Home"));
}
}
public void CreateDeviceManagementScript(DeviceManagementService service)
{
var encoder = new EncodingHelpers();
var deviceScript = new DeviceManagementScript
{
DisplayName = $"Test {Guid.NewGuid()}",
Datatype = "#microsoft.graph.deviceManagementScript",
Description = "Test script",
ScriptContent = encoder.Base64Encode("echo test"),
EnforceSignatureCheck = false,
FileName = "test.ps1",
RunAsAccount = "system"
};
var response = service.Create(deviceScript);
response.Should().NotBeNull();
response.Result.Should().NotBeNull();
response.Result.Id.Should().NotBeEmpty();
Console.WriteLine(response.Result.Id);
}
public async Task AddIntuneConfig(string result)
{
// Supported device configuration types need to be declared to distinguish from other intune items
// Windows 10
supportedDeviceConfigurations.Add("#microsoft.graph.windows10GeneralConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsDeliveryOptimizationConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsUpdateForBusinessConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10EndpointProtectionConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10CustomConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsKioskConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsDefenderAdvancedThreatProtectionConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10PkcsCertificateProfile");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsHealthMonitoringConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10TeamGeneralConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsDomainJoinConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.editionUpgradeConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10EasEmailProfileConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsIdentityProtectionConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10NetworkBoundaryConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.sharedPCConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsWifiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows81TrustedRootCertificate");
supportedDeviceConfigurations.Add("#microsoft.graph.windows81SCEPCertificateProfile");
supportedDeviceConfigurations.Add("microsoft.graph.groupPolicyConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.groupPolicyConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsHealthMonitoringConfiguration");
// Android Enterprise Device Owner
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerTrustedRootCertificate");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerImportedPFXCertificateProfile");
// Android Enterprise Work Profile
supportedDeviceConfigurations.Add("#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidWorkProfileCustomConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidWorkProfileNineWorkEasConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidWorkProfileTrustedRootCertificate");
// iOS
supportedDeviceConfigurations.Add("#microsoft.graph.iosTrustedRootCertificate");
supportedDeviceConfigurations.Add("#microsoft.graph.iosPkcsCertificateProfile");
supportedDeviceConfigurations.Add("#microsoft.graph.iosWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosCustomConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosEasEmailProfileConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosDeviceFeaturesConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosEnterpriseWiFiConfiguration");
// macOS
supportedDeviceConfigurations.Add("#microsoft.graph.macOSWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.macOSEndpointProtectionConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.macOSGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.macOSDeviceFeaturesConfiguration");
GraphJson json = JsonConvert.DeserializeObject <GraphJson>(result);
switch (json.OdataValue)
{
case string odataValue when odataValue.Contains("microsoft.graph.groupPolicyConfiguration"):
JObject groupPolicyJsonObject = JObject.Parse(result);
// drop custom json payload
groupPolicyJsonObject.Remove("configuredSettings");
GroupPolicyConfiguration groupPolicy = groupPolicyJsonObject.ToObject <GroupPolicyConfiguration>();
// Translate scope tag with table
List <string> groupPolicyScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in groupPolicy.RoleScopeTagIds)
{
try
{
groupPolicyScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
groupPolicyScopeTagMapping.Add("0");
}
}
groupPolicy.RoleScopeTagIds = groupPolicyScopeTagMapping;
GroupPolicyConfiguration createdGroupPolicy = await graphIntune.AddGroupPolicyConfigurationAsync(groupPolicy);
// add configured values to gpo
await graphIntune.AddExportedGroupPolicyConfigurationValuesAsync(result, createdGroupPolicy.Id);
break;
case string odataValue when odataValue.Contains("CompliancePolicy"):
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && compliancePolicies == null)
{
this.compliancePolicies = await graphIntune.GetDeviceCompliancePoliciesAsync();
}
JObject o = JObject.Parse(result);
JObject o2 = JObject.Parse(@"{scheduledActionsForRule:[{ruleName:'PasswordRequired',scheduledActionConfigurations:[{actionType:'block',gracePeriodHours:'0',notificationTemplateId:'',notificationMessageCCList:[]}]}]}");
o.Add("scheduledActionsForRule", o2.SelectToken("scheduledActionsForRule"));
string jsonPolicy = JsonConvert.SerializeObject(o);
DeviceCompliancePolicy deviceCompliancePolicy = JsonConvert.DeserializeObject <DeviceCompliancePolicy>(jsonPolicy);
// Translate scope tag with table
List <string> compliancePolicyScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in deviceCompliancePolicy.RoleScopeTagIds)
{
try
{
compliancePolicyScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
compliancePolicyScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
deviceCompliancePolicy.RoleScopeTagIds = compliancePolicyScopeTagMapping;
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (compliancePolicies.All(p => !p.Id.Contains(deviceCompliancePolicy.Id)) && compliancePolicies.All(p => !p.DisplayName.Contains(deviceCompliancePolicy.DisplayName)))
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
else
{
if (compliancePolicies.Any(p => p.Id.Contains(deviceCompliancePolicy.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceCompliancePolicy.DisplayName}' ({deviceCompliancePolicy.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceCompliancePolicy.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (compliancePolicies.Any(p => p.Id.Contains(deviceCompliancePolicy.Id)))
{
deviceCompliancePolicy.ScheduledActionsForRule = null;
await graphIntune.PatchDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
// Create a new policy
else
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (compliancePolicies.Any(policy => policy.DisplayName.Equals(deviceCompliancePolicy.DisplayName)))
{
deviceCompliancePolicy.ScheduledActionsForRule = null;
string replaceObjectId = compliancePolicies.Where(policy => policy.DisplayName.Equals(deviceCompliancePolicy.DisplayName)).Select(policy => policy.Id).First();
deviceCompliancePolicy.Id = replaceObjectId;
await graphIntune.PatchDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
else
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
break;
}
break;
case string odataValue when supportedDeviceConfigurations.Contains(odataValue):
DeviceConfiguration deviceConfiguration = JsonConvert.DeserializeObject <DeviceConfiguration>(result);
// request fails when true
deviceConfiguration.SupportsScopeTags = null;
// Translate scope tag with table
List <string> scopeTagMapping = new List <string>();
foreach (string roleScopeTagId in deviceConfiguration.RoleScopeTagIds)
{
try
{
scopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
scopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
deviceConfiguration.RoleScopeTagIds = scopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && deviceConfigurations == null)
{
deviceConfigurations = await graphIntune.GetDeviceConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (deviceConfigurations.All(p => !p.Id.Contains(deviceConfiguration.Id)) && deviceConfigurations.All(p => !p.DisplayName.Contains(deviceConfiguration.DisplayName)))
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
else
{
if (deviceConfigurations.Any(p => p.Id.Contains(deviceConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceConfiguration.DisplayName}' ({deviceConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (deviceConfigurations.Any(p => p.Id.Contains(deviceConfiguration.Id)))
{
await graphIntune.PatchDeviceConfigurationAsync(deviceConfiguration);
}
// Create a new policy
else
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (deviceConfigurations.Any(policy => policy.DisplayName.Equals(deviceConfiguration.DisplayName)))
{
string replaceObjectId = deviceConfigurations.Where(policy => policy.DisplayName.Equals(deviceConfiguration.DisplayName)).Select(policy => policy.Id).First();
deviceConfiguration.Id = replaceObjectId;
await graphIntune.PatchDeviceConfigurationAsync(deviceConfiguration);
}
else
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
break;
}
break;
case string odataValue when odataValue.Contains("deviceManagementScripts"):
DeviceManagementScript deviceManagementScript = JsonConvert.DeserializeObject <DeviceManagementScript>(result);
// Translate scope tag with table
List <string> deviceManagementScriptScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in deviceManagementScript.RoleScopeTagIds)
{
try
{
deviceManagementScriptScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
deviceManagementScriptScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
deviceManagementScript.RoleScopeTagIds = deviceManagementScriptScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && deviceManagementScipts == null)
{
deviceManagementScipts = await graphIntune.GetDeviceManagementScriptsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (deviceManagementScipts.All(p => !p.Id.Contains(deviceManagementScript.Id)) && deviceManagementScipts.All(p => !p.DisplayName.Contains(deviceManagementScript.DisplayName)))
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
else
{
if (deviceManagementScipts.Any(p => p.Id.Contains(deviceManagementScript.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceManagementScript.DisplayName}' ({deviceManagementScript.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceManagementScript.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (deviceManagementScipts.Any(p => p.Id.Contains(deviceManagementScript.Id)))
{
await graphIntune.PatchDeviceManagementScriptAsync(deviceManagementScript);
}
// Create a new policy
else
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (deviceManagementScipts.Any(policy => policy.DisplayName.Equals(deviceManagementScript.DisplayName)))
{
string replaceObjectId = deviceManagementScipts.Where(policy => policy.DisplayName.Equals(deviceManagementScript.DisplayName)).Select(policy => policy.Id).First();
deviceManagementScript.Id = replaceObjectId;
await graphIntune.PatchDeviceManagementScriptAsync(deviceManagementScript);
}
else
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
break;
}
break;
case string odataValue when odataValue.Contains("WindowsAutopilotDeploymentProfile"):
WindowsAutopilotDeploymentProfile windowsAutopilotDeploymentProfile = JsonConvert.DeserializeObject <WindowsAutopilotDeploymentProfile>(result);
// Translate scope tag with table
List <string> autopilotScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in windowsAutopilotDeploymentProfile.RoleScopeTagIds)
{
try
{
autopilotScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
autopilotScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
windowsAutopilotDeploymentProfile.RoleScopeTagIds = autopilotScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && windowsAutopilotDeploymentProfiles == null)
{
windowsAutopilotDeploymentProfiles = await graphIntune.GetWindowsAutopilotDeploymentProfiles();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (windowsAutopilotDeploymentProfiles.All(p => !p.Id.Contains(windowsAutopilotDeploymentProfile.Id)) && windowsAutopilotDeploymentProfiles.All(p => !p.DisplayName.Contains(windowsAutopilotDeploymentProfile.DisplayName)))
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
else
{
if (windowsAutopilotDeploymentProfiles.Any(p => p.Id.Contains(windowsAutopilotDeploymentProfile.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{windowsAutopilotDeploymentProfile.DisplayName}' ({windowsAutopilotDeploymentProfile.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{windowsAutopilotDeploymentProfile.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (windowsAutopilotDeploymentProfiles.Any(p => p.Id.Contains(windowsAutopilotDeploymentProfile.Id)))
{
await graphIntune.PatchWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
// Create a new policy
else
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (windowsAutopilotDeploymentProfiles.Any(policy => policy.DisplayName.Equals(windowsAutopilotDeploymentProfile.DisplayName)))
{
string replaceObjectId = windowsAutopilotDeploymentProfiles.Where(policy => policy.DisplayName.Equals(windowsAutopilotDeploymentProfile.DisplayName)).Select(policy => policy.Id).First();
windowsAutopilotDeploymentProfile.Id = replaceObjectId;
await graphIntune.PatchWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
else
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.iosManagedAppProtection"):
IosManagedAppProtection iosManagedAppProtection = JsonConvert.DeserializeObject <IosManagedAppProtection>(result);
// Translate scope tag with table
List <string> iosAppScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in iosManagedAppProtection.RoleScopeTagIds)
{
try
{
iosAppScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
iosAppScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
iosManagedAppProtection.RoleScopeTagIds = iosAppScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && iosManagedAppProtections == null)
{
iosManagedAppProtections = await graphIntune.GetIosManagedAppProtectionsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (iosManagedAppProtections.All(p => !p.Id.Contains(iosManagedAppProtection.Id)) && iosManagedAppProtections.All(p => !p.DisplayName.Contains(iosManagedAppProtection.DisplayName)))
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
else
{
if (iosManagedAppProtections.Any(p => p.Id.Contains(iosManagedAppProtection.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{iosManagedAppProtection.DisplayName}' ({iosManagedAppProtection.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{iosManagedAppProtection.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportIosManagedAppProtectionAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (iosManagedAppProtections.Any(p => p.Id.Contains(iosManagedAppProtection.Id)))
{
await graphIntune.ImportPatchIosManagedAppProtectionAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (iosManagedAppProtections.Any(policy => policy.DisplayName.Equals(iosManagedAppProtection.DisplayName)))
{
string replaceObjectId = iosManagedAppProtections.Where(policy => policy.DisplayName.Equals(iosManagedAppProtection.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchIosManagedAppProtectionAsync(jObject.ToString());
}
else
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.androidManagedAppProtection"):
AndroidManagedAppProtection androidManagedAppProtection = JsonConvert.DeserializeObject <AndroidManagedAppProtection>(result);
// Translate scope tag with table
List <string> androidAppScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in androidManagedAppProtection.RoleScopeTagIds)
{
try
{
androidAppScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
androidAppScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
androidManagedAppProtection.RoleScopeTagIds = androidAppScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && androidManagedAppProtections == null)
{
androidManagedAppProtections = await graphIntune.GetAndroidManagedAppProtectionsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (androidManagedAppProtections.All(p => !p.Id.Contains(androidManagedAppProtection.Id)) && androidManagedAppProtections.All(p => !p.DisplayName.Contains(androidManagedAppProtection.DisplayName)))
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
else
{
if (androidManagedAppProtections.Any(p => p.Id.Contains(androidManagedAppProtection.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{androidManagedAppProtection.DisplayName}' ({androidManagedAppProtection.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{androidManagedAppProtection.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (androidManagedAppProtections.Any(p => p.Id.Contains(androidManagedAppProtection.Id)))
{
await graphIntune.ImportPatchAndroidManagedAppProtectionAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (androidManagedAppProtections.Any(policy => policy.DisplayName.Equals(androidManagedAppProtection.DisplayName)))
{
string replaceObjectId = androidManagedAppProtections.Where(policy => policy.DisplayName.Equals(androidManagedAppProtection.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchAndroidManagedAppProtectionAsync(jObject.ToString());
}
else
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.targetedManagedAppConfiguration"):
TargetedManagedAppConfiguration targetedManagedAppConfiguration = JsonConvert.DeserializeObject <TargetedManagedAppConfiguration>(result);
// Translate scope tag with table
List <string> appConfigScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in targetedManagedAppConfiguration.RoleScopeTagIds)
{
try
{
appConfigScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
appConfigScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
targetedManagedAppConfiguration.RoleScopeTagIds = appConfigScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && targetedManagedAppConfigurations == null)
{
targetedManagedAppConfigurations = await graphIntune.GetTargetedManagedAppConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (targetedManagedAppConfigurations.All(p => !p.Id.Contains(targetedManagedAppConfiguration.Id)) && targetedManagedAppConfigurations.All(p => !p.DisplayName.Contains(targetedManagedAppConfiguration.DisplayName)))
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
else
{
if (targetedManagedAppConfigurations.Any(p => p.Id.Contains(targetedManagedAppConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{targetedManagedAppConfiguration.DisplayName}' ({targetedManagedAppConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{targetedManagedAppConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (targetedManagedAppConfigurations.Any(p => p.Id.Contains(targetedManagedAppConfiguration.Id)))
{
await graphIntune.ImportPatchTargetedManagedAppConfigurationAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (targetedManagedAppConfigurations.Any(policy => policy.DisplayName.Equals(targetedManagedAppConfiguration.DisplayName)))
{
string replaceObjectId = targetedManagedAppConfigurations.Where(policy => policy.DisplayName.Equals(targetedManagedAppConfiguration.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchTargetedManagedAppConfigurationAsync(jObject.ToString());
}
else
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("MobileAppConfiguration"):
ManagedDeviceMobileAppConfiguration managedDeviceMobileAppConfiguration = JsonConvert.DeserializeObject <ManagedDeviceMobileAppConfiguration>(result);
// Translate scope tag with table
List <string> managedAppScopeTagMapping = new List <string>();
foreach (string roleScopeTagId in managedDeviceMobileAppConfiguration.RoleScopeTagIds)
{
try
{
managedAppScopeTagMapping.Add(scopeTagMigrationTable[roleScopeTagId].ToString());
}
catch
{
managedAppScopeTagMapping.Add("0");
}
}
// Replace assigned scope tags with conversion
managedDeviceMobileAppConfiguration.RoleScopeTagIds = managedAppScopeTagMapping;
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && managedDeviceMobileAppConfigurations == null)
{
managedDeviceMobileAppConfigurations = await graphIntune.GetManagedDeviceMobileAppConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (managedDeviceMobileAppConfigurations.All(p => !p.Id.Contains(managedDeviceMobileAppConfiguration.Id)) && managedDeviceMobileAppConfigurations.All(p => !p.DisplayName.Contains(managedDeviceMobileAppConfiguration.DisplayName)))
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
else
{
if (managedDeviceMobileAppConfigurations.Any(p => p.Id.Contains(managedDeviceMobileAppConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{managedDeviceMobileAppConfiguration.DisplayName}' ({managedDeviceMobileAppConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{managedDeviceMobileAppConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (managedDeviceMobileAppConfigurations.Any(p => p.Id.Contains(managedDeviceMobileAppConfiguration.Id)))
{
await graphIntune.PatchManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
// Create a new policy
else
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (managedDeviceMobileAppConfigurations.Any(policy => policy.DisplayName.Equals(managedDeviceMobileAppConfiguration.DisplayName)))
{
string replaceObjectId = managedDeviceMobileAppConfigurations.Where(policy => policy.DisplayName.Equals(managedDeviceMobileAppConfiguration.DisplayName)).Select(policy => policy.Id).First();
managedDeviceMobileAppConfiguration.Id = replaceObjectId;
await graphIntune.PatchManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
else
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.mdmWindowsInformationProtectionPolicy"):
MdmWindowsInformationProtectionPolicy windowsInformationProtection = JsonConvert.DeserializeObject <MdmWindowsInformationProtectionPolicy>(result);
await graphIntune.AddMdmWindowsInformationProtectionsAsync(windowsInformationProtection);
break;
case string odataValue when odataValue.Contains("#microsoft.graph.windowsInformationProtectionPolicy"):
WindowsInformationProtectionPolicy windowsInformationProtectionUnmanaged = JsonConvert.DeserializeObject <WindowsInformationProtectionPolicy>(result);
await graphIntune.AddWindowsInformationProtectionsAsync(windowsInformationProtectionUnmanaged);
break;
default:
throw new System.Exception($"Unsupported configuration type {json.OdataValue}");
}
}
public async Task AddIntuneConfig(string result)
{
supportedDeviceConfigurations.Add("#microsoft.graph.windows10GeneralConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsUpdateForBusinessConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10EndpointProtectionConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windows10CustomConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidWorkProfileGeneralDeviceConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.iosEnterpriseWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.androidDeviceOwnerWiFiConfiguration");
supportedDeviceConfigurations.Add("#microsoft.graph.windowsDeliveryOptimizationConfiguration");
GraphJson json = JsonConvert.DeserializeObject <GraphJson>(result);
switch (json.OdataValue)
{
case string odataValue when odataValue.Contains("CompliancePolicy"):
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && compliancePolicies == null)
{
this.compliancePolicies = await graphIntune.GetDeviceCompliancePoliciesAsync();
}
JObject o = JObject.Parse(result);
JObject o2 = JObject.Parse(@"{scheduledActionsForRule:[{ruleName:'PasswordRequired',scheduledActionConfigurations:[{actionType:'block',gracePeriodHours:'0',notificationTemplateId:'',notificationMessageCCList:[]}]}]}");
o.Add("scheduledActionsForRule", o2.SelectToken("scheduledActionsForRule"));
string jsonPolicy = JsonConvert.SerializeObject(o);
DeviceCompliancePolicy deviceCompliancePolicy = JsonConvert.DeserializeObject <DeviceCompliancePolicy>(jsonPolicy);
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (compliancePolicies.All(p => !p.Id.Contains(deviceCompliancePolicy.Id)) && compliancePolicies.All(p => !p.DisplayName.Contains(deviceCompliancePolicy.DisplayName)))
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
else
{
if (compliancePolicies.Any(p => p.Id.Contains(deviceCompliancePolicy.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceCompliancePolicy.DisplayName}' ({deviceCompliancePolicy.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceCompliancePolicy.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (compliancePolicies.Any(p => p.Id.Contains(deviceCompliancePolicy.Id)))
{
deviceCompliancePolicy.ScheduledActionsForRule = null;
await graphIntune.PatchDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
// Create a new policy
else
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (compliancePolicies.Any(policy => policy.DisplayName.Equals(deviceCompliancePolicy.DisplayName)))
{
deviceCompliancePolicy.ScheduledActionsForRule = null;
string replaceObjectId = compliancePolicies.Where(policy => policy.DisplayName.Equals(deviceCompliancePolicy.DisplayName)).Select(policy => policy.Id).First();
deviceCompliancePolicy.Id = replaceObjectId;
await graphIntune.PatchDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
else
{
await graphIntune.AddDeviceCompliancePolicyAsync(deviceCompliancePolicy);
}
break;
}
break;
case string odataValue when supportedDeviceConfigurations.Contains(odataValue):
DeviceConfiguration deviceConfiguration = JsonConvert.DeserializeObject <DeviceConfiguration>(result);
// request fails when true
deviceConfiguration.SupportsScopeTags = null;
deviceConfiguration.RoleScopeTagIds = null;
string temp = JsonConvert.SerializeObject(deviceConfiguration);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && deviceConfigurations == null)
{
deviceConfigurations = await graphIntune.GetDeviceConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (deviceConfigurations.All(p => !p.Id.Contains(deviceConfiguration.Id)) && deviceConfigurations.All(p => !p.DisplayName.Contains(deviceConfiguration.DisplayName)))
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
else
{
if (deviceConfigurations.Any(p => p.Id.Contains(deviceConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceConfiguration.DisplayName}' ({deviceConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (deviceConfigurations.Any(p => p.Id.Contains(deviceConfiguration.Id)))
{
await graphIntune.PatchDeviceConfigurationAsync(deviceConfiguration);
}
// Create a new policy
else
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (deviceConfigurations.Any(policy => policy.DisplayName.Equals(deviceConfiguration.DisplayName)))
{
string replaceObjectId = deviceConfigurations.Where(policy => policy.DisplayName.Equals(deviceConfiguration.DisplayName)).Select(policy => policy.Id).First();
deviceConfiguration.Id = replaceObjectId;
await graphIntune.PatchDeviceConfigurationAsync(deviceConfiguration);
}
else
{
await graphIntune.AddDeviceConfigurationAsync(deviceConfiguration);
}
break;
}
break;
case string odataValue when odataValue.Contains("deviceManagementScripts"):
DeviceManagementScript deviceManagementScript = JsonConvert.DeserializeObject <DeviceManagementScript>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && deviceManagementScipts == null)
{
deviceManagementScipts = await graphIntune.GetDeviceManagementScriptsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (deviceManagementScipts.All(p => !p.Id.Contains(deviceManagementScript.Id)) && deviceManagementScipts.All(p => !p.DisplayName.Contains(deviceManagementScript.DisplayName)))
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
else
{
if (deviceManagementScipts.Any(p => p.Id.Contains(deviceManagementScript.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{deviceManagementScript.DisplayName}' ({deviceManagementScript.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{deviceManagementScript.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (deviceManagementScipts.Any(p => p.Id.Contains(deviceManagementScript.Id)))
{
await graphIntune.PatchDeviceManagementScriptAsync(deviceManagementScript);
}
// Create a new policy
else
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (deviceManagementScipts.Any(policy => policy.DisplayName.Equals(deviceManagementScript.DisplayName)))
{
string replaceObjectId = deviceManagementScipts.Where(policy => policy.DisplayName.Equals(deviceManagementScript.DisplayName)).Select(policy => policy.Id).First();
deviceManagementScript.Id = replaceObjectId;
await graphIntune.PatchDeviceManagementScriptAsync(deviceManagementScript);
}
else
{
await graphIntune.AddDeviceManagementScriptAsync(deviceManagementScript);
}
break;
}
break;
case string odataValue when odataValue.Contains("WindowsAutopilotDeploymentProfile"):
WindowsAutopilotDeploymentProfile windowsAutopilotDeploymentProfile = JsonConvert.DeserializeObject <WindowsAutopilotDeploymentProfile>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && windowsAutopilotDeploymentProfiles == null)
{
windowsAutopilotDeploymentProfiles = await graphIntune.GetWindowsAutopilotDeploymentProfiles();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (windowsAutopilotDeploymentProfiles.All(p => !p.Id.Contains(windowsAutopilotDeploymentProfile.Id)) && windowsAutopilotDeploymentProfiles.All(p => !p.DisplayName.Contains(windowsAutopilotDeploymentProfile.DisplayName)))
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
else
{
if (windowsAutopilotDeploymentProfiles.Any(p => p.Id.Contains(windowsAutopilotDeploymentProfile.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{windowsAutopilotDeploymentProfile.DisplayName}' ({windowsAutopilotDeploymentProfile.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{windowsAutopilotDeploymentProfile.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (windowsAutopilotDeploymentProfiles.Any(p => p.Id.Contains(windowsAutopilotDeploymentProfile.Id)))
{
await graphIntune.PatchWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
// Create a new policy
else
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (windowsAutopilotDeploymentProfiles.Any(policy => policy.DisplayName.Equals(windowsAutopilotDeploymentProfile.DisplayName)))
{
string replaceObjectId = windowsAutopilotDeploymentProfiles.Where(policy => policy.DisplayName.Equals(windowsAutopilotDeploymentProfile.DisplayName)).Select(policy => policy.Id).First();
windowsAutopilotDeploymentProfile.Id = replaceObjectId;
await graphIntune.PatchWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
else
{
await graphIntune.AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.iosManagedAppProtection"):
IosManagedAppProtection iosManagedAppProtection = JsonConvert.DeserializeObject <IosManagedAppProtection>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && iosManagedAppProtections == null)
{
iosManagedAppProtections = await graphIntune.GetIosManagedAppProtectionsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (iosManagedAppProtections.All(p => !p.Id.Contains(iosManagedAppProtection.Id)) && iosManagedAppProtections.All(p => !p.DisplayName.Contains(iosManagedAppProtection.DisplayName)))
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
else
{
if (iosManagedAppProtections.Any(p => p.Id.Contains(iosManagedAppProtection.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{iosManagedAppProtection.DisplayName}' ({iosManagedAppProtection.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{iosManagedAppProtection.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportIosManagedAppProtectionAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (iosManagedAppProtections.Any(p => p.Id.Contains(iosManagedAppProtection.Id)))
{
await graphIntune.ImportPatchIosManagedAppProtectionAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (iosManagedAppProtections.Any(policy => policy.DisplayName.Equals(iosManagedAppProtection.DisplayName)))
{
string replaceObjectId = iosManagedAppProtections.Where(policy => policy.DisplayName.Equals(iosManagedAppProtection.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchIosManagedAppProtectionAsync(jObject.ToString());
}
else
{
await graphIntune.ImportIosManagedAppProtectionAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.androidManagedAppProtection"):
AndroidManagedAppProtection androidManagedAppProtection = JsonConvert.DeserializeObject <AndroidManagedAppProtection>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && androidManagedAppProtections == null)
{
androidManagedAppProtections = await graphIntune.GetAndroidManagedAppProtectionsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (androidManagedAppProtections.All(p => !p.Id.Contains(androidManagedAppProtection.Id)) && androidManagedAppProtections.All(p => !p.DisplayName.Contains(androidManagedAppProtection.DisplayName)))
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
else
{
if (androidManagedAppProtections.Any(p => p.Id.Contains(androidManagedAppProtection.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{androidManagedAppProtection.DisplayName}' ({androidManagedAppProtection.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{androidManagedAppProtection.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (androidManagedAppProtections.Any(p => p.Id.Contains(androidManagedAppProtection.Id)))
{
await graphIntune.ImportPatchAndroidManagedAppProtectionAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (androidManagedAppProtections.Any(policy => policy.DisplayName.Equals(androidManagedAppProtection.DisplayName)))
{
string replaceObjectId = androidManagedAppProtections.Where(policy => policy.DisplayName.Equals(androidManagedAppProtection.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchAndroidManagedAppProtectionAsync(jObject.ToString());
}
else
{
await graphIntune.ImportAndroidManagedAppProtectionAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.targetedManagedAppConfiguration"):
TargetedManagedAppConfiguration targetedManagedAppConfiguration = JsonConvert.DeserializeObject <TargetedManagedAppConfiguration>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && targetedManagedAppConfigurations == null)
{
targetedManagedAppConfigurations = await graphIntune.GetTargetedManagedAppConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (targetedManagedAppConfigurations.All(p => !p.Id.Contains(targetedManagedAppConfiguration.Id)) && targetedManagedAppConfigurations.All(p => !p.DisplayName.Contains(targetedManagedAppConfiguration.DisplayName)))
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
else
{
if (targetedManagedAppConfigurations.Any(p => p.Id.Contains(targetedManagedAppConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{targetedManagedAppConfiguration.DisplayName}' ({targetedManagedAppConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{targetedManagedAppConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (targetedManagedAppConfigurations.Any(p => p.Id.Contains(targetedManagedAppConfiguration.Id)))
{
await graphIntune.ImportPatchTargetedManagedAppConfigurationAsync(result);
}
// Create a new policy
else
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (targetedManagedAppConfigurations.Any(policy => policy.DisplayName.Equals(targetedManagedAppConfiguration.DisplayName)))
{
string replaceObjectId = targetedManagedAppConfigurations.Where(policy => policy.DisplayName.Equals(targetedManagedAppConfiguration.DisplayName)).Select(policy => policy.Id).First();
// Replace id in json file
JObject jObject = JObject.Parse(result);
jObject.SelectToken("id").Replace(replaceObjectId);
await graphIntune.ImportPatchTargetedManagedAppConfigurationAsync(jObject.ToString());
}
else
{
await graphIntune.ImportTargetedManagedAppConfigurationAsync(result);
}
break;
}
break;
case string odataValue when odataValue.Contains("MobileAppConfiguration"):
ManagedDeviceMobileAppConfiguration managedDeviceMobileAppConfiguration = JsonConvert.DeserializeObject <ManagedDeviceMobileAppConfiguration>(result);
if (overwriteBehaviour != OverwriteBehaviour.IMPORT_AS_DUPLICATE && managedDeviceMobileAppConfigurations == null)
{
managedDeviceMobileAppConfigurations = await graphIntune.GetManagedDeviceMobileAppConfigurationsAsync();
}
switch (overwriteBehaviour)
{
case OverwriteBehaviour.DISCARD:
if (managedDeviceMobileAppConfigurations.All(p => !p.Id.Contains(managedDeviceMobileAppConfiguration.Id)) && managedDeviceMobileAppConfigurations.All(p => !p.DisplayName.Contains(managedDeviceMobileAppConfiguration.DisplayName)))
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
else
{
if (managedDeviceMobileAppConfigurations.Any(p => p.Id.Contains(managedDeviceMobileAppConfiguration.Id)))
{
signalRMessage.sendMessage($"Discarding configuration '{managedDeviceMobileAppConfiguration.DisplayName}' ({managedDeviceMobileAppConfiguration.Id}) already exists!");
}
else
{
signalRMessage.sendMessage($"Discarding configuration '{managedDeviceMobileAppConfiguration.DisplayName}' - configuration with this name already exists!");
}
}
break;
case OverwriteBehaviour.IMPORT_AS_DUPLICATE:
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
break;
case OverwriteBehaviour.OVERWRITE_BY_ID:
// match by object ID
if (managedDeviceMobileAppConfigurations.Any(p => p.Id.Contains(managedDeviceMobileAppConfiguration.Id)))
{
await graphIntune.PatchManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
// Create a new policy
else
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
break;
case OverwriteBehaviour.OVERWRITE_BY_NAME:
if (managedDeviceMobileAppConfigurations.Any(policy => policy.DisplayName.Equals(managedDeviceMobileAppConfiguration.DisplayName)))
{
string replaceObjectId = managedDeviceMobileAppConfigurations.Where(policy => policy.DisplayName.Equals(managedDeviceMobileAppConfiguration.DisplayName)).Select(policy => policy.Id).First();
managedDeviceMobileAppConfiguration.Id = replaceObjectId;
await graphIntune.PatchManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
else
{
await graphIntune.AddManagedDeviceMobileAppConfigurationAsync(managedDeviceMobileAppConfiguration);
}
break;
}
break;
case string odataValue when odataValue.Contains("#microsoft.graph.mdmWindowsInformationProtectionPolicy"):
MdmWindowsInformationProtectionPolicy windowsInformationProtection = JsonConvert.DeserializeObject <MdmWindowsInformationProtectionPolicy>(result);
await graphIntune.AddMdmWindowsInformationProtectionsAsync(windowsInformationProtection);
break;
case string odataValue when odataValue.Contains("#microsoft.graph.windowsInformationProtectionPolicy"):
WindowsInformationProtectionPolicy windowsInformationProtectionUnmanaged = JsonConvert.DeserializeObject <WindowsInformationProtectionPolicy>(result);
await graphIntune.AddWindowsInformationProtectionsAsync(windowsInformationProtectionUnmanaged);
break;
default:
throw new System.Exception($"Unsupported configuration type {json.OdataValue}");
}
}
public static async Task <DeviceManagementScript> AddDeviceManagementScriptsAsync(DeviceManagementScript deviceManagementScript, string clientId = null)
{
var graphClient = GetAuthenticatedClient();
if (!string.IsNullOrEmpty(clientId))
{
var hubContext = GlobalHost.ConnectionManager.GetHubContext <MwHub>();
hubContext.Clients.Client(clientId).addMessage("POST: " + graphClient.DeviceManagement.DeviceManagementScripts.Request().RequestUrl);
}
var response = await graphClient.DeviceManagement.DeviceManagementScripts.Request().AddAsync(deviceManagementScript);
return(response);
}
public static async Task <string> AddIntuneConfig(string result, string clientId = null)
{
GraphJson json = JsonConvert.DeserializeObject <GraphJson>(result);
if (json.OdataValue.Contains("CompliancePolicy"))
{
JObject o = JObject.Parse(result);
JObject o2 = JObject.Parse(@"{scheduledActionsForRule:[{ruleName:'PasswordRequired',scheduledActionConfigurations:[{actionType:'block',gracePeriodHours:'0',notificationTemplateId:'',notificationMessageCCList:[]}]}]}");
o.Add("scheduledActionsForRule", o2.SelectToken("scheduledActionsForRule"));
string jsonPolicy = JsonConvert.SerializeObject(o);
DeviceCompliancePolicy deviceCompliancePolicy = JsonConvert.DeserializeObject <DeviceCompliancePolicy>(jsonPolicy);
var response = await AddDeviceCompliancePolicyAsync(deviceCompliancePolicy, clientId);
return(response.ODataType + " | " + response.DisplayName);
}
else if (json.OdataValue.Contains("Configuration") && json.OdataValue.Contains("windows"))
{
DeviceConfiguration deviceConfiguration = JsonConvert.DeserializeObject <DeviceConfiguration>(result);
// request fails when true :(
deviceConfiguration.SupportsScopeTags = false;
var response = await AddDeviceConfigurationAsync(deviceConfiguration, clientId);
return(response.ODataType + " | " + response.DisplayName);
}
else if (json.OdataValue.Contains("deviceManagementScripts"))
{
DeviceManagementScript deviceManagementScript = JsonConvert.DeserializeObject <DeviceManagementScript>(result);
// remove id - otherwise request fails
deviceManagementScript.Id = "";
var response = await AddDeviceManagementScriptsAsync(deviceManagementScript, clientId);
return("#microsoft.graph.deviceManagementScript" + " | " + response.DisplayName);
}
else if (json.OdataValue.Contains("WindowsAutopilotDeploymentProfile"))
{
WindowsAutopilotDeploymentProfile windowsAutopilotDeploymentProfile = JsonConvert.DeserializeObject <WindowsAutopilotDeploymentProfile>(result);
var response = await AddWindowsAutopilotDeploymentProfile(windowsAutopilotDeploymentProfile, clientId);
return(response.ODataType + " | " + response.DisplayName);
}
else if (json.OdataValue.Contains("#microsoft.graph.iosManagedAppProtection"))
{
IosManagedAppProtection managedAppProtection = JsonConvert.DeserializeObject <IosManagedAppProtection>(result);
var response = await AddIosManagedAppProtectionAsync(managedAppProtection, clientId);
string requestUrl = graphEndpoint + "/deviceAppManagement/iosManagedAppProtections/" + response.Id + "/targetApps";
// Try adding assigned apps fro MAM policy
try
{
string requestBody = ConvertToApppProtectionAssignment(result);
HttpRequestMessage hrm = new HttpRequestMessage(HttpMethod.Post, requestUrl)
{
Content = new StringContent(requestBody, Encoding.UTF8, "application/json")
};
var graphClient = GetAuthenticatedClient();
// Authenticate (add access token) our HttpRequestMessage
await graphClient.AuthenticationProvider.AuthenticateRequestAsync(hrm);
if (!string.IsNullOrEmpty(clientId))
{
var hubContext = GlobalHost.ConnectionManager.GetHubContext <MwHub>();
hubContext.Clients.Client(clientId).addMessage("POST: " + hrm.RequestUri.AbsoluteUri);
}
// Send the request and get the response.
await graphClient.HttpProvider.SendAsync(hrm);
}
catch { }
return("#microsoft.graph.iosManagedAppProtection | " + response.DisplayName);
}
else if (json.OdataValue.Contains("#microsoft.graph.androidManagedAppProtection"))
{
AndroidManagedAppProtection managedAppProtection = JsonConvert.DeserializeObject <AndroidManagedAppProtection>(result);
var response = await AddAndroidManagedAppProtectionAsync(managedAppProtection, clientId);
string requestUrl = graphEndpoint + "/deviceAppManagement/androidManagedAppProtections/" + response.Id + "/targetApps";
// Try adding assigned apps fro MAM policy
try
{
string requestBody = ConvertToApppProtectionAssignment(result);
HttpRequestMessage hrm = new HttpRequestMessage(HttpMethod.Post, requestUrl)
{
Content = new StringContent(requestBody, Encoding.UTF8, "application/json")
};
var graphClient = GetAuthenticatedClient();
if (!string.IsNullOrEmpty(clientId))
{
var hubContext = GlobalHost.ConnectionManager.GetHubContext <MwHub>();
hubContext.Clients.Client(clientId).addMessage("POST: " + hrm.RequestUri.AbsoluteUri);
}
// Authenticate (add access token) our HttpRequestMessage
await graphClient.AuthenticationProvider.AuthenticateRequestAsync(hrm);
// Send the request and get the response.
await graphClient.HttpProvider.SendAsync(hrm);
}
catch { }
return("#microsoft.graph.androidManagedAppProtection | " + response.DisplayName);
}
else if (json.OdataValue.Contains("#microsoft.graph.targetedManagedAppConfiguration"))
{
TargetedManagedAppConfiguration managedAppConfiguration = JsonConvert.DeserializeObject <TargetedManagedAppConfiguration>(result);
var response = await AddManagedAppConfigurationAsync(managedAppConfiguration);
string requestUrl = graphEndpoint + "/deviceAppManagement/targetedManagedAppConfigurations/" + response.Id + "/targetApps";
// Try adding assigned apps fro MAM policy
try
{
string requestBody = ConvertToApppProtectionAssignment(result);
HttpRequestMessage hrm = new HttpRequestMessage(HttpMethod.Post, requestUrl)
{
Content = new StringContent(requestBody, Encoding.UTF8, "application/json")
};
var graphClient = GetAuthenticatedClient();
// Authenticate (add access token) our HttpRequestMessage
await graphClient.AuthenticationProvider.AuthenticateRequestAsync(hrm);
if (!string.IsNullOrEmpty(clientId))
{
var hubContext = GlobalHost.ConnectionManager.GetHubContext <MwHub>();
hubContext.Clients.Client(clientId).addMessage("POST: " + hrm.RequestUri.AbsoluteUri);
}
// Send the request and get the response.
await graphClient.HttpProvider.SendAsync(hrm);
}
catch { }
return("#microsoft.graph.targetedManagedAppConfiguration | " + response.DisplayName);
}
else
{
return(null);
}
}
public async System.Threading.Tasks.Task <FileResult> DownloadDeviceManagementScript(String Id)
{
DeviceManagementScript script = await GraphHelper.GetDeviceManagementScriptAsync(Id);
return(File(script.ScriptContent, "text/plain", script.FileName));
}
