In part 1 you learned how to use Azure functions and a http trigger to add a device to an Azure Ad security group. In this part you’ll see how it all fits together on the client side after Autopilot is complete.
Step 1. Get the scripts
Download the client side scripts here. Please read the note before trying.
Note: To download the files here, please make sure you are logged on to this site otherwise you’ll get an error.
- Download the following zip file at windows-noob.com: temp.zip
Step 2. Extract the files
Extract the files to C:\temp
Step 3. Edit AddDeviceToAzureAdGroup.ps1
Using Windows PowerShell ISE or notepad, open AddDeviceToAzureAdGroup.ps1, you need to edit the following two lines.
Replace $company with your own company name, and for $URL you will need to login to your Azure resource group created in part 1 and copy the HttpTrigger1 url by clicking on Get Function URL and copying the url as shown below.
Note: If you don’t do this properly then it won’t work !
Paste in the URL you copied from your HttpTrigger and append &deviceID= on the end as shown here.
Step 4. Encode the scripts
Open the EncodeScripts.ps1 script and run it. It will generate new encoded copies of the two scripts that will become embedded in the
Step 5. Edit AddDeviceToAzureAdGroup_CreateScheduledTask.ps1
Open AddDeviceToAzureAdGroup_CreateScheduledTask.ps1 and scroll down to the $Base64_1 line.
In notepad, open C:\temp\encoded1.txt, press CTRL+A and CTRL+C to copy everything in that file. Back in the PowerShell script, paste the copied content into the $Base64_1variable in between the “” as shown below.
repeat this exercise for the $Base64_2 variable but use the C:\temp\encoded2.txt file contents for that variable.
Note: You have to repeat this process any time you edit either of the following two scripts.
Save the file.
Step 6. Add the PowerShell script to Intune
Create a new deployment to your Autopilot Users group using the AddDeviceToAzureAdGroup_CreateScheduledTask.ps1 PowerShell script.
Deploy it to your Autopilot Users group
You can read the rest of this post at windows-noob.com here.