mirror of
https://github.com/HackTricks-wiki/hacktricks-cloud.git
synced 2026-01-03 00:09:59 -08:00
35 lines
1.5 KiB
Markdown
35 lines
1.5 KiB
Markdown
# Az - Intune
|
|
|
|
{{#include ../../../banners/hacktricks-training.md}}
|
|
|
|
## Basic Information
|
|
|
|
Microsoft Intune is designed to streamline the process of **app and device management**. Its capabilities extend across a diverse range of devices, encompassing mobile devices, desktop computers, and virtual endpoints. The core functionality of Intune revolves around **managing user access and simplifying the administration of applications** and devices within an organization's network.
|
|
|
|
## Cloud -> On-Prem
|
|
|
|
A user with **Global Administrator** or **Intune Administrator** role can execute **PowerShell** scripts on any **enrolled Windows** device.\
|
|
The **script** runs with **privileges** of **SYSTEM** on the device only once if it doesn't change, and from Intune it's **not possible to see the output** of the script.
|
|
|
|
```powershell
|
|
Get-AzureADGroup -Filter "DisplayName eq 'Intune Administrators'"
|
|
```
|
|
|
|
1. Login into [https://endpoint.microsoft.com/#home](https://endpoint.microsoft.com/#home) or use Pass-The-PRT
|
|
2. Go to **Devices** -> **All Devices** to check devices enrolled to Intune
|
|
3. Go to **Scripts** and click on **Add** for Windows 10.
|
|
4. Add a **Powershell script**
|
|
- .png>)
|
|
5. Specify **Add all users** and **Add all devices** in the **Assignments** page.
|
|
|
|
The execution of the script can take up to **one hour**.
|
|
|
|
## References
|
|
|
|
- [https://learn.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune](https://learn.microsoft.com/en-us/mem/intune/fundamentals/what-is-intune)
|
|
|
|
{{#include ../../../banners/hacktricks-training.md}}
|
|
|
|
|
|
|