There can be times when you need to redeploy the (common or remediation) script deployed from Intune. Because of compliance checks or just for testing purposes.
The solution for this problem is in general to delete the correct registry key. And by correct I mean key in the right place with the right name.
Keys for common scripts are saved in HKLM:\SOFTWARE\Microsoft\IntuneManagementExtension\Policies\<scope> ๐.
Remediation script keys are saved in HKLM:\SOFTWARE\Microsoft\IntuneManagementExtension\SideCarPolicies\Scripts\Reports\<scope> ๐.
As can be seen, script keys use IDs instead of names, so you have to get the correct ID from Intune first. As for Win32App , you have two options.
a) Get the script ID from Intune web portal
b) Get the script ID from Graph API like
$intuneRemediationScript = Invoke-MSGraphRequest -Url "https://graph.microsoft.com/beta/deviceManagement/deviceHealthScripts?select=id,displayname" | Get-MSGraphAllPages
for remediation scripts
$intuneScript = Invoke-MSGraphRequest -Url "https://graph.microsoft.com/beta/deviceManagement/deviceManagementScripts?select=id,displayname" | Get-MSGraphAllPages
for common scripts.
Invoke-IntuneScriptRedeploy to the rescue
If you want a ready-to-go solution, you can use my function Invoke-IntuneScriptRedeploy (now part of the IntuneStuff module) which gives you GUI with all deployed Intune script(s), so you just select the correct one and hit OK to redeploy it.
Because common scripts have different data available in the registry than remediation scripts, you will have to use
scriptTypeparameter to choose one of them.
To show users and script names instead of IDs, call this function with parameter getDataFromIntune like ๐
Otherwise, the result will be like this ๐
Btw redeploy as such is caused by restarting Intune service IntuneManagementExtension.
95% of the function code is based on my Get-ClientIntunePolicyResult for getting RSOP-like results for Intune policies
Have fun โ
PS: If you need redeploy Win32Apps instead, check this post .