Export BIOS status (uptodate or not) for Lenovo devices to a CSV on SharePoint

In this post I will show you an Azure Automation script allowing you to export Lenovo BIOS status (uptodate or not) for all Intune devices to a CSV on SharePoint.

This CSV contains the device name, model, current BIOS version, last one available on Lenovo for this model, date of the latest release.

Context

In my previous post I explain how to check if a Lenovo device has the latest BIOS version with only PowerShell.

Now we want to know for each Lenovo device in Intune if the current BIOS version is the last one or not.

The solution

- Create an Azure Automation account

- Use it with Managed Identity

- Create a Runbook in Automation

- Runbook compares current BIOS version with last one on Lenovo

- Export status in a CSV

- Send the CSV on SharePoint

Get the script

Click on the below GitHub picture to get the runbook.

What does the script ?

The automation script will proceed as below:

1. Get all Lenovo Intune devices

2. Get the current BIOS version

3. Get device name, model...

4. Get last BIOS available on Lenovo website

5. Compare current BIOS version and last one

6. Create a CSV 

7. Export devices with BIOS status to the CSV

8. Send BIOS version to SharePoint

The CSV and Teams notif

See below an overview of the CSV file:

See below an overview of the Teams message:

Prerequisites

Exporting CSV on SharePoint

Here we want to send a CSV on SharePoint with the list of devices with BIOS status.

You can get more info about how to proceed in my article here. 

Creating Teams webhook

Purpose: In this part, we will create a connector on a Teams channel allowing us to automate ability to send Teams notif.

For that, we will proceed as below:

1. Go to your channel

2. Click on the ...

3. Click on Connectors

4. Go to Incoming Webhook

5. Type a name

6. Click on Create

7. Copy the Webhook path

How to use the script ?

Webhook path

Add link on your webhook in the $Webhook_URL variable.

Teams notif

Set the below variables for the notif on Teams: 

SharePoint information

Set the below variables:

Azure Automation part

Create the account

1. Go to Azure

2. Go to Automation accounts

3. Click on Create

4. Type a name

5. Choose a Subscription

6. Choose the Resource group

7. Choose your region

8. Click on Create

Set Managed Identity

1. Go to your automation account

2. Go to Identity

3. Go to System assigned

4. Select On

5. Click on Save

6. Click on Yes

Add permissions

The script uses Graph API to get all devices BIOS version.

For this you need to add the appropriate permission on Graph API.

Run the script Assign_permissions.ps1 with global admin rights.

Create a Runbook

1. Go to your Automation accounts

2. Go to Runbooks

3. Click on Create a runbook

4. Type a name

5. In Runbook type, select PowerShell

6. Click on Create

7. Go to Edit

8. Copy content of Runbook.ps1

Test the Runbook

1. Click on Test pane

2. Click on Start

3. Once finished, you should see Completed

Publish the Runbook

1. Go to your Runbook

2. Click on Edit

3. Click on Publish

4. Click on Yes

Schedule the Runbook

1. Go to your Runbook

2. Click on Schedules

3. Click on Add a schedule

4. Click on Link a schedule to your runbook

5. Click on Add a schedule

6. Type a name

7. In Recurrence, select Recuring

8. Click on Create