Use Intune + Azure Automation + Power BI to create a report of devices drivers status


In this post I will share a way to use Intune to create a report of local administrator on your device.


- You have enrolled devices in Intune

- You want to know which device has drivers issues

- You want to know what is the issue

- You want to know: device name and user name

- You want to export result to a CSV

- You want an schedule way for that

- You want to display result in Power BI

Get the script

Click on the below GitHub picture to get both detection and remediation scripts.

You will find:

- Detection script: Check_Drivers_Detection.ps1

- Automation Runbook script: DriversStatus_Runbook.ps1

How does it work ?

We will proceed as below:

Get driver status

1. Create a Proactive Remediation package

2. Add detection script

3. Use PowerShell and Graph to export result of the remediation script

4. Export this to a CSV

Create CSV report

1. Use the script to export result of the remediation script

2. Add this script on Azure Automation

3. Schedule the script

4. This will export drivers status result in a schedule

5. Export the CSV to a blog storage

You can also imagine an export on Sharepoint

Create the PowerBI report

1. Get data from blob storage

2. Publish the report

3. Add a schedule refresh

Create the remediation package

1. Go to the Microsoft Endpoint manager admin center

2. Go to Reports

3. Go to Endpoint analytics

4. Go to Proactive remediations

5. Click on Create script package

6. Type a name in our case Update Lenovo BIOS

7. Click on Next

8. Click on Detection script file

9. Choose the detection script

12. Click on Next

13. Select the group Lenovo devices

14. In the Schedule part, choose when the package should be run.

15. In our case we will run it every 3 hours (for our test)

16. Click on Apply

17. Click on Next

18. Click on Create

Azure application part

Create the app

1. Log in to Azure

2. Go to App registrations

3. Click on New registration

4. Type a name and let by default

5. Click on Register

6. You now have access to your app info

Create a secret client

For authentication we will need a secret.

To create it, you will need to proceed as follows:

1. Click on Certificates & secrets

2. Click on New client secret

3. Enter a name

4. Choose Never

5. Click Add

6. Your secret client will be displayed

7. Copy it somewhere to reuse it

Add permissions

1. Go to your Azure application

2. Click on API permissions

3. Click Add a permission

4. Choose Microsoft Graph

5. Click on Application permissions

6. Navigate to DeviceManagementConfig

7. Check below permissions

8. Click on Add permissions

9. Click on Grant admin consent

Azure Automation part

Purpose: In this part we will create a runbook meaning a script that will be executed each hour. 

This script will generate the remediation script report and upload it on Sharepoint.

Create the automation account

1. Go to Azure

2. Go to Automation accounts

3. We will create a new one, click on + New

4. Type a name 

5. Select your subscription

6. Select a Resource group


6. Click on Create new in resource group part

7. Select your location

8. Click on Create

9. Wait for the success notif

10. You have now your new automation account

Install modules

Purpose: In this part we will import the below modules in our Automation part:

- Microsoft.Graph.Intune

Import Intune module

1. Go to your automation account

2. Go to Modules gallery

4. Search Microsoft.Graph.Intune

5. Click on the appropriate module

6. Click on Import

7. Click on OK 

8. The import starts

Runbook part

Create the Runbook

1. Click on the automation previously created

2. Click on Runbooks

3. Click on Create a Runbook

4. Type a name like Check_Drivers

5. In Runbook type, select PowerShell

6. Click on Create

Test the runbook

1. Your runbook is empty

2. Add the code from the script

3. Click on Save 

4. Click on Test pane 

5. Click on Start

6. The job completed successfully

7. Now check your blob storage

8. The CSV has been uploaded

Publish the runbook

Purpose: Now we have tested our script, we will publish it and add a schedule.

1. Click on Edit

2. Click on Publish

3. Click on Yes

4. Click on Schedules

5. Click on Add a schedule

6. Click on Schedule

7. Click on Add a schedule

8. Type a name

9. Select the start date and Timezone

10. Select Recurring

11. We will set it to every 3 hour

12. Click on Create

13. Click on OK

PowerBI report

Blob Storage info

1. Go to Storage accounts

2. Click on the storage account containing the CSV

3. Keep in mind the storage account name

4. Go to Access keys

5. Click on Show keys

6. Copy value from Key1

Get datas from Azure

1. Open PowerBI Desktop

2. Click on Get data

3. Select Azure

4. Click on Azure Blob Storage

5. Click on Connect

6. Type the account name then OK

7. Paste the Access key copied previously

8. Check the appropriate folder

9. Click on Transform Data

10. Click on the button in Content

11. Datas will be listed

12. Click on OK

13. Click on the table in the corner

13. Select Use First Row as Headers 

14. Click on Close & Apply twice

Create the report

1. Go to Visualizations

2. Click on Pie chart

3. The Pie chart will be displayed

4. Go to Fields

5. Click on the data sources

6. Check Error

7. Drop Local admin status in the Values field from Visualizations

8. We have now our Pie

9. Go to Visualizations 

10. Click on Table

11. Go to Fields

12. Click on the data sources

13. Check in order:

- Device name

- User name

- Error

- Driver name

- Device ID

- Last check

14. Go to Filters

15. Click on Error

16. Check Drivers disabled and Drivers missing

Publish the report

1. Click on Publish

2. Click on Select

3. Click on Open report in Power BI

4. The report will be opened in your browser

5. Click on Datasets

6. Select your report

8. Click on Settings

9. In Datasets, click on Scheduled refresh

10. Click on On

11. Select a frequency

12. Click on Apply

slider 8643691003797374361

Enregistrer un commentaire

Accueil item


Join me soon

Join me soon

Endpoint Manager award

Mes articles en français

Author of Books

PowerShell GUI & WPF Group

PowerShell GUI & WPF Group

Join the FPSUGR

Join the FPSUGR