Skip to main content
Sign in

Creating workflows for Microsoft Intune assets

  • May 14, 2024 00:39
  • Updated

Let Oomnitza be your single source of truth!

You'll get visibility of your assets as data from Microsoft Intune is automatically transformed into consumable information and actionable insights.

Connect Oomnitza and Microsoft Intune in minutes

You'll get visibility of your Microsoft Intune assets by creating configurable workflows to automate tasks such as:

    • Managing device security, including remote locking, resetting a device PassCode, shutting down, and locking a device.
    • Offboarding and onboarding a device, including cleaning, wiping, deleting, retiring, and rebooting a device.
    • Managing a device, including updating and recovering a PassCode.

Navigation

small_blue_link.svgBefore you start

small_blue_link.svgCreating workflows

Create asset workflows

Microsoft Intune Clean Windows Device

Microsoft Intune Delete Managed Device

Microsoft Intune Disable Lost Mode

Microsoft Intune Reboot Managed Device

Microsoft Intune Recover Passcode

Microsoft Intune Remote Lock Managed Device

Microsoft Intune Reset PassCode of Managed Device

Microsoft Intune Retire a Managed Device

Microsoft Intune Shut Down Managed Device

Microsoft Intune Update Managed Device

Microsoft Intune Wipe a Managed Device

Before you start

Before you can create the integration with Oomnitza, you need to have completed the following steps:

  1. Generated your OAuth2.0 credentials in Azure
  2. Added your OAuth 2.0 credentials to Oomnitza
  3. Created an extended integration for Microsoft Intune assets. 

Creating workflows

Create asset workflows

To create an asset workflow, you must complete these steps:  

  1. Click Configuration > Workflows 
  2. Click Add (+) and select Assets from the list.
  3. Edit the Begin Block and add rules to trigger the workflow. For example, if you had a checkbox in your asset record to flag the user as offboarded you can set the criteria in the Begin block as follows:
    1. Set Actions to Schedule, and select a convenient time for your workflow to run.
    2. Click Add Rule. Set the Is Offboarded checkbox to True. Your workflow will run for every record where the Is Offboarded checkbox is set to True.
  4. Drag and drop the API block onto the Sandbox.
  5. Click Edit on the API block and enter Microsoft Intune in the search field. 
  6. Select a preset from the list below. To choose a preset, click the forward arrow (>).
  7. Select the credentials that you created in Adding your Microsoft credentials to Oomnitza.
  8. Enter any mandatory information when prompted.
  9. Select Advanced Mode.
  10. Select the Information tab. Ensure that the property {{microsoft_intune_device_id}} exists in Oomnitza and is populated with information before you run this workflow. You can create an asset integration to retrieve this information before you run this workflow.
  11. Connect the Blocks. 
  12. Save, validate, and activate your workflow.

blue_link.svg Understanding Workflows

Using the Microsoft Intune Clean Windows Device preset

The Microsoft Intune Clean Windows Device preset cleans a Windows device. The device to be cleaned is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires DeviceManagementManagedDevices.PrivilegedOperations.All permissions.

For further information, see Microsoft Graph API Documentation:cleanWindowsDevice action

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Delete Managed Device preset

The Microsoft Intune Delete Managed Device preset deletes a managed device.

The device to be deleted is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires DeviceManagementManagedDevices.ReadWrite.All permissions.

For further information, see Microsoft Graph API Documentation:Delete managedDevice

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Disable Lost Mode preset

The Microsoft Intune Disable Lost Mode preset disables lost mode on a device.

The device to be disabled is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: Disable Lost Mode. 

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Reboot Managed Device preset

The Microsoft Intune Reboot Managed Device preset reboots a managed device.

The device to be rebooted is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: Reboot Now. 

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Recover Passcode preset

The Microsoft Intune Recover Passcode preset recovers a passcode.

The device to be recovered is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: recoverPasscode action.

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Remote Lock Managed Device preset

The Microsoft Intune Remote Lock Managed Device preset remotely locks a managed device.

The device to be locked is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

See Microsoft Graph API Documentation: remoteLock action.

Restriction
Not supported for Windows 10 desktop. See Remotely lock devices with Microsoft Intune.

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Reset PassCode of Managed Device preset

The Microsoft Intune Reset PassCode of Managed Device preset resets the passcode of a managed device.

The device to be reset is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: resetPasscode action

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Retire a Managed Device preset

The Microsoft Intune Retire a Managed Device preset retires a managed device.

The device to be retired is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: retire action.

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Shut Down Managed Device preset

The Microsoft Intune Shut Down Managed Device preset shuts down a managed device.

The device to be shut down is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.PrivilegedOperations.All
permissions.

For further information, see Microsoft Graph API Documentation: shutDown action.

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

Using the Microsoft Intune Update Managed Device preset

The Microsoft Intune Update Managed Device preset updates the properties of a managedDevice object. You need to supply the following information to update a device:

  • Device Owner Type: Ownership of the device. Can be company or personal. Possible values are: unknown, company, personal.
  • Device Name: Name of the device. This property is read-only.
  • Notes: Notes on the device created by IT Admin.

The device to be updated is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires theDeviceManagementManagedDevices.ReadWrite.Allpermissions.

You can map the entire response in the Advanced Mode > Response tab by placing {{response}} in the Response field and mapping it to a custom long text Oomnitza field, such as API Response. Once you have the entire response, you can then parse the JSON response values to custom Oomnitza fields, as per the example below.

microsoft_intune_api_response.PNG

For further information, see Microsoft Graph API Documentation: Update managedDevice.

Using the Microsoft Intune Wipe a Managed Device preset

The Microsoft Intune Wipe a Managed Device preset wipes a managed device.

The device to be wiped is referenced in the Advanced Mode > Information tab in the property{{microsoft_intune_device_id}}.

This preset requires the DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementManagedDevices.PrivilegedOperations.All permissions.

For further information, see Microsoft Graph API Documentation: wipe action

Warning
If successful, this workflow returns a204 No Contentresponse code. Do not map a response in Advanced Mode > Response, as it will cause the content to fail due to no content.

articles_icon.svg Reference articles for workflows

Related articles

Comments

0 comments

Please sign in to leave a comment.