Skip to content

Commit

Permalink
Merge pull request #126 from almenscorner/dev
Browse files Browse the repository at this point in the history 
v1.5.1
  • Loading branch information
@almenscorner
almenscorner committed Aug 22, 2023
2 parents 8bc9510 + 6300861 commit e4c14c2
Show file tree
Hide file tree
Showing 5 changed files with 84 additions and 216 deletions.
2 changes: 1 addition & 1 deletion setup.cfg
View file
Original file line number Diff line number Diff line change
@@ -1,6 +1,6 @@
[metadata]
name = IntuneCD
version = 1.5.0
version = 1.5.1
author = Tobias Almén
author_email = [email protected]
description = Tool to backup and update configurations in Intune
Expand Down
2 changes: 1 addition & 1 deletion src/IntuneCD/backup_configurationPolicies.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -38,7 +38,7 @@ def savebackup(path, output, exclude, token):
policy_ids.append(policy["id"])

assignment_responses = batch_assignment(policies, "deviceManagement/configurationPolicies/", "/assignments", token)
policy_settings_batch = batch_request(policy_ids, "deviceManagement/configurationPolicies/", "/settings", token)
policy_settings_batch = batch_request(policy_ids, "deviceManagement/configurationPolicies/", "/settings?&top=1000", token)

for policy in policies["value"]:
results["config_count"] += 1
Expand Down
80 changes: 22 additions & 58 deletions src/IntuneCD/graph_request.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -26,39 +26,23 @@ def makeapirequest(endpoint, token, q_param=None):

if q_param is not None:
response = requests.get(endpoint, headers=headers, params=q_param)
if (
response.status_code == 504
or response.status_code == 502
or response.status_code == 503
):
print(
"Ran into issues with Graph request, waiting 10 seconds and trying again..."
)
if response.status_code == 504 or response.status_code == 502 or response.status_code == 503:
print("Ran into issues with Graph request, waiting 10 seconds and trying again...")
time.sleep(10)
response = requests.get(endpoint, headers=headers)
elif response.status_code == 429:
print(
f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds"
)
print(f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds")
while response.status_code == 429:
time.sleep(int(response.headers["Retry-After"]))
response = requests.get(endpoint, headers=headers)
else:
response = requests.get(endpoint, headers=headers)
if (
response.status_code == 504
or response.status_code == 502
or response.status_code == 503
):
print(
"Ran into issues with Graph request, waiting 10 seconds and trying again..."
)
if response.status_code == 504 or response.status_code == 502 or response.status_code == 503:
print("Ran into issues with Graph request, waiting 10 seconds and trying again...")
time.sleep(10)
response = requests.get(endpoint, headers=headers)
elif response.status_code == 429:
print(
f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds"
)
print(f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds")
while response.status_code == 429:
time.sleep(int(response.headers["Retry-After"]))
response = requests.get(endpoint, headers=headers)
Expand All @@ -81,14 +65,10 @@ def makeapirequest(endpoint, token, q_param=None):
elif ("assignmentFilters" in endpoint) and ("FeatureNotEnabled" in response.text):
print("Assignment filters not enabled in tenant, skipping")
else:
raise Exception(
"Request failed with ", response.status_code, " - ", response.text
)
raise Exception("Request failed with ", response.status_code, " - ", response.text)


def makeapirequestPatch(
patchEndpoint, token, q_param=None, jdata=None, status_code=200
):
def makeapirequestPatch(patchEndpoint, token, q_param=None, jdata=None, status_code=200):
"""
This function makes a PATCH request to the Microsoft Graph API.
Expand All @@ -105,22 +85,16 @@ def makeapirequestPatch(
}

if q_param is not None:
response = requests.patch(
patchEndpoint, headers=headers, params=q_param, data=jdata
)
response = requests.patch(patchEndpoint, headers=headers, params=q_param, data=jdata)
else:
response = requests.patch(patchEndpoint, headers=headers, data=jdata)
if response.status_code == status_code:
pass
else:
raise Exception(
"Request failed with ", response.status_code, " - ", response.text
)
raise Exception("Request failed with ", response.status_code, " - ", response.text)


def makeapirequestDelete(
deleteEndpoint, token, q_param=None, jdata=None, status_code=200
):
def makeapirequestDelete(deleteEndpoint, token, q_param=None, jdata=None, status_code=200):
"""
This function makes a DELETE request to the Microsoft Graph API.
Expand All @@ -137,17 +111,13 @@ def makeapirequestDelete(
}

if q_param is not None:
response = requests.delete(
deleteEndpoint, headers=headers, params=q_param, data=jdata
)
response = requests.delete(deleteEndpoint, headers=headers, params=q_param, data=jdata)
else:
response = requests.delete(deleteEndpoint, headers=headers, data=jdata)
if response.status_code == status_code:
pass
else:
raise Exception(
"Request failed with ", response.status_code, " - ", response.text
)
raise Exception("Request failed with ", response.status_code, " - ", response.text)


def makeapirequestPost(patchEndpoint, token, q_param=None, jdata=None, status_code=200):
Expand All @@ -167,9 +137,7 @@ def makeapirequestPost(patchEndpoint, token, q_param=None, jdata=None, status_co
}

if q_param is not None:
response = requests.post(
patchEndpoint, headers=headers, params=q_param, data=jdata
)
response = requests.post(patchEndpoint, headers=headers, params=q_param, data=jdata)
else:
response = requests.post(patchEndpoint, headers=headers, data=jdata)
if response.status_code == status_code:
Expand All @@ -178,17 +146,17 @@ def makeapirequestPost(patchEndpoint, token, q_param=None, jdata=None, status_co
return json_data
else:
pass
elif response.status_code == 504:
print("Ran into issues with Graph request, waiting 10 seconds and trying again...")
time.sleep(10)
response = requests.post(patchEndpoint, headers=headers, data=jdata)
elif response.status_code == 429:
print(
f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds"
)
print(f"Hit Graph throttling, trying again after {response.headers['Retry-After']} seconds")
while response.status_code == 429:
time.sleep(int(response.headers["Retry-After"]))
response = requests.post(patchEndpoint, headers=headers, data=jdata)
else:
raise Exception(
"Request failed with ", response.status_code, " - ", response.text
)
raise Exception("Request failed with ", response.status_code, " - ", response.text)


def makeapirequestPut(patchEndpoint, token, q_param=None, jdata=None, status_code=200):
Expand All @@ -208,14 +176,10 @@ def makeapirequestPut(patchEndpoint, token, q_param=None, jdata=None, status_cod
}

if q_param is not None:
response = requests.put(
patchEndpoint, headers=headers, params=q_param, data=jdata
)
response = requests.put(patchEndpoint, headers=headers, params=q_param, data=jdata)
else:
response = requests.put(patchEndpoint, headers=headers, data=jdata)
if response.status_code == status_code:
pass
else:
raise Exception(
"Request failed with ", response.status_code, " - ", response.text
)
raise Exception("Request failed with ", response.status_code, " - ", response.text)
75 changes: 18 additions & 57 deletions src/IntuneCD/update_enrollmentConfigurations.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,14 +23,10 @@
from .diff_summary import DiffSummary

# Set MS Graph endpoint
ENDPOINT = (
"https://graph.microsoft.com/beta/deviceManagement/deviceEnrollmentConfigurations"
)
ENDPOINT = "https://graph.microsoft.com/beta/deviceManagement/deviceEnrollmentConfigurations"


def update(
path, token, assignment=False, report=False, create_groups=False, remove=False
):
def update(path, token, assignment=False, report=False, create_groups=False, remove=False):
"""_summary_
Args:
Expand Down Expand Up @@ -79,15 +75,9 @@ def update(
data = {"value": ""}
if intune_data["value"]:
for val in intune_data["value"]:
if (
val["@odata.type"]
== "#microsoft.graph.windows10EnrollmentCompletionPageConfiguration"
):
if val["@odata.type"] == "#microsoft.graph.windows10EnrollmentCompletionPageConfiguration":
continue
if (
repo_data["@odata.type"]
== "#microsoft.graph.deviceEnrollmentPlatformRestrictionConfiguration"
):
if repo_data["@odata.type"] == "#microsoft.graph.deviceEnrollmentPlatformRestrictionConfiguration":
if (
repo_data["@odata.type"] == val["@odata.type"]
and repo_data["displayName"] == val["displayName"]
Expand All @@ -113,14 +103,9 @@ def update(
# Remove keys from data that should not be compared
data["value"] = remove_keys(data["value"])
if repo_priority != mem_priority and mem_priority != 0:
mem_priority = makeapirequest(
f"{ENDPOINT}/{mem_id}?$select=priority", token
).get("priority", "")
mem_priority = makeapirequest(f"{ENDPOINT}/{mem_id}?$select=priority", token).get("priority", "")
if repo_priority != mem_priority:
print(
f"Updating Enrollment Config {config_type} Priority: "
+ repo_data["displayName"]
)
print(f"Updating Enrollment Config {config_type} Priority: " + repo_data["displayName"])
# Update Enrollment Configuration
if report is False:
request_data = json.dumps({"priority": repo_priority})
Expand All @@ -135,9 +120,7 @@ def update(
# Compare data from Intune with data from file
repo_data.pop("priority", None)
data["value"].pop("priority", None)
diff = DeepDiff(data["value"], repo_data, ignore_order=True).get(
"values_changed", {}
)
diff = DeepDiff(data["value"], repo_data, ignore_order=True).get("values_changed", {})

# If data differs, continue
if diff and report is False:
Expand All @@ -164,13 +147,9 @@ def update(

if assignment:
mem_assign_obj = get_object_assignment(mem_id, mem_assignments)
update = update_assignment(
assign_obj, mem_assign_obj, token, create_groups
)
update = update_assignment(assign_obj, mem_assign_obj, token, create_groups)
if update is not None:
request_data = {
"enrollmentConfigurationAssignments": update
}
request_data = {"enrollmentConfigurationAssignments": update}
post_assignment_update(
request_data,
mem_id,
Expand All @@ -182,18 +161,12 @@ def update(
# If Enrollment Configuration does not exist, continue
else:
print("-" * 90)
print(
f"Creating Enrollment Config {config_type}: "
+ repo_data["displayName"]
)
print(f"Creating Enrollment Config {config_type}: " + repo_data["displayName"])
# Create Enrollment Configuration
if report is False:
platform_types = ["android", "androidForWork"]

if (
repo_data["@odata.type"]
== "#microsoft.graph.deviceEnrollmentPlatformRestrictionConfiguration"
):
if repo_data["@odata.type"] == "#microsoft.graph.deviceEnrollmentPlatformRestrictionConfiguration":
if repo_data["platformType"] in platform_types:
for platform in platform_types:
repo_data["platformType"] = platform
Expand Down Expand Up @@ -225,41 +198,29 @@ def update(
)

mem_assign_obj = []
assignment = update_assignment(
assign_obj, mem_assign_obj, token, create_groups
)
assignment = update_assignment(assign_obj, mem_assign_obj, token, create_groups)
if assignment is not None:
request_data = {
"enrollmentConfigurationAssignments": assignment
}
request_data = {"enrollmentConfigurationAssignments": assignment}
post_assignment_update(
request_data,
post_request["id"],
"deviceManagement/deviceEnrollmentConfigurations",
"assign",
token,
)
print(
f"Enrollment Config {config_type} created with id: "
+ post_request["id"]
)
print(f"Enrollment Config {config_type} created with id: " + post_request["id"])

# If any Enrollment Configurations are left in intune_data, remove them from Intune as they are not in the repo
if intune_data.get("value", None) is not None and remove is True:
for val in intune_data["value"]:
if (
val["@odata.type"]
== "#microsoft.graph.windows10EnrollmentCompletionPageConfiguration"
val["@odata.type"] == "#microsoft.graph.windows10EnrollmentCompletionPageConfiguration"
or val["displayName"] == "All users and all devices"
):
continue
print("-" * 90)
print(
"Removing Enrollment Configuration from Intune: "
+ val["displayName"]
)
print("Removing Enrollment Configuration from Intune: " + val["displayName"])
if report is False:
makeapirequestDelete(
f"{ENDPOINT}/{val['id']}", token, status_code=200
)
makeapirequestDelete(f"{ENDPOINT}/{val['id']}", token, status_code=200)

return diff_summary
Loading

0 comments on commit e4c14c2

Please sign in to comment.