We've detected a Microsoft Intune PowerShell script issue in your environment

Question

Have received the below advisory from Microsoft but enable to find the particular script with the following app id.

Can someone please help the process how to search for this app id and identify.

Creating a new app registration in the Microsoft Entra admin center. For detailed instructions, read: Quickstart: Register an application with the Microsoft identity platform. (https://learn.microsoft.com/entra/identity-platform/quickstart-register-app) 

Update scripts containing the Intune application ID (d1ddf0e4-d672-4dae-b554-9d5bdfd93547) with the new application ID created in step 1.  

Additional Diagnostics

Review any PowerShell scripts for Intune that run in your environment and are using the AppID d1ddf0e4-d672-4dae-b554-9d5bdfd93547.   Scripts that were copied from the following GitHub repo contain that AppID:  https://github.com/microsoftgraph/powershell-intune-samples 

Latest Message

Title: We've detected a Microsoft Intune PowerShell script issue in your environment User impact: If action isn't taken, PowerShell scripts may break. Current Status: If you are using the Intune PowerShell application ID (d1ddf0e4-d672-4dae-b554-9d5bdfd93547), you will need to update your scripts before May 1 with a different Microsoft Entra ID registered application ID to prevent your PowerShell scripts from breaking. Microsoft has replaced the GitHub repository using the old application ID d1ddf0e4-d672-4dae-b554-9d5bdfd93547 with a new repository as announced here: https://techcommunity.microsoft.com/t5/intune-customer-success/update-to-microsoft-intune-powershell-example-script-repository/ba-p/3842452 Additionally, this has been communicated under Message Center posts MC736429 and MC721851. This communication will expire in 14 days, and is scheduled to remain active for the full duration.

Answer 1

Hi @Jessie Hernandez @Crystal-MSFT many many thanks for your posts, you both (really!) makes my day :-)

God bless you :-)
All the best!

Answer 2

Hi

Would anyone know how to list apps published / deployed via Intune using the cmdlets in the MGGraph connection.

Have installed the new application and registered successfully using notes in this article, however there doesn't seem commands to list applications such as Win32 apps. The following code doesn't return anything that looks suitable.

Connect-MgGraph
$allCmds = Find-MgGraphCommand -Command * 
$allcmds | Where-Object { $_.Module -like "devicemanagement*"} | Select-Object Command, Module | Where-Object { $_.Command -like "get-*app*"} | Sort-Object Command 

K

Answer 3

For those using Connect-MSGraph, which is tied to the deprecated appid mentioned in this article, you will need to update it.

1. Create the new App registration as documented by Crystal-MSFT. Ensure that you have Admin consented the permissions.
2. On the machine where the Intune PS Module is installed run the following command:

      Update-MSGraphEnvironment -AppId <App ID of app registration created in step 1>
   

3. Now you should be able to use Connect-MSGraph again.

This is documented here: https://github.com/microsoftgraph/powershell-intune-samples/blob/master/Updating%20App%20Registration

Answer 4

to check usage of the app Look within Entra ID, under Identity – Applications – Enterprise Applications

The app reg will be called "Microsoft Intune Powershell" and check the Sign in Logs

Answer 5

Link to doco here:

https://learn.microsoft.com/en-gb/mem/intune/fundamentals/whats-new#plan-for-change-update-your-powershell-scripts-with-a-microsoft-entra-id-registered-app-id-by-april-2024