This blog post is about how to discover specific apps on Intune-managed Windows devices. I needed to check whether TikTok was installed. The Dutch government advises not to install this app for security reasons. Of course, I used a PowerShell script to do so and want to share it with you.
Prerequisites
There is only 1 prerequisite and that is the MSAL.PS module for PowerShell.
Install it using the following command:
```powershell
Install-Module MSAL.PS
```
The script
This is the script:
```powershell
$logfile = "C:\Temp\Tiktok_Windows.log"
$appname = "*Tik*" # App name to search for

# Sign in interactively and build the Authorization header for Microsoft Graph
$authResult = Get-MsalToken -ClientId d1ddf0e4-d672-4dae-b554-9d5bdfd93547 -RedirectUri "urn:ietf:wg:oauth:2.0:oob" -Interactive
$Authheader = @{Authorization = "Bearer $($authResult.AccessToken)"}

# Get all Intune-managed devices
$URL = "https://graph.microsoft.com/beta/deviceManagement/managedDevices"
$DevicesResponse = Invoke-RestMethod -Method GET -Uri $URL -Headers $Authheader

# Loop through the MS Graph pages when there are more results than fit in one response
$Devices = $DevicesResponse.value
$DevicesNextLink = $DevicesResponse."@odata.nextLink"
while ($null -ne $DevicesNextLink) {
    $DevicesResponse = (Invoke-RestMethod -Uri $DevicesNextLink -Headers $Authheader -Method Get)
    $DevicesNextLink = $DevicesResponse."@odata.nextLink"
    $Devices += $DevicesResponse.value
}

# Keep only the Windows devices
$WindowsDevices = $Devices | Where-Object operatingSystem -Like "Windows*"

Start-Transcript -Path $logfile
foreach ($item in $WindowsDevices) {
    # Get the apps detected on this device
    $URL = "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$($item.id)?`$expand=detectedApps"
    $Response = Invoke-RestMethod -Method GET -Uri $URL -Headers $Authheader
    foreach ($app in $Response.detectedApps) {
        if ($app.displayName -Like $appname) {
            Write-Host "App found like Tik* appname: $($app.displayName) on $($item.deviceName)"
        }
        else {
            # Every non-matching app is logged as well, which is why the log gets large
            Write-Host "$($app.displayName) is not like *Tik* not found on $($item.deviceName)"
        }
    }
}
Stop-Transcript
```
It’s a simple script that just dumps all the info in a log file.
Change the $logfile and $appname variables at the top of the script if you want to search for another app or put the log file in another location.
The output
The output, as stated before, is a log file in the temp folder. If you search the log for the application, you will find the machines which have the app.
This log file created over 200.000 lines of text. You could add some delimiters to export these tables in Excel more easily. I didn’t take the time to do so. 🙂
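One way to get an Excel-friendly result instead of a transcript, as an added example that is not part of the original script: it keeps only the matches, writes them as CSV, and neutralizes cells that Excel would otherwise evaluate as formulas, since device and app names are not under your control. The sample devices are constructed in the shape of the Graph responses the script receives; the function names, the `version` column and the `$env:TEMP` output path are assumptions of this example.

```powershell
# Constructed sample data: managedDevice objects with detectedApps expanded.
# In the script above these would be the $Response objects collected per device.
$sampleDevices = @(
    [pscustomobject]@{ id = '00000000-0000-0000-0000-000000000001'; deviceName = 'LAPTOP-001'
        detectedApps = @(
            [pscustomobject]@{ displayName = 'TikTok'; version = '1.0.0.0' },
            [pscustomobject]@{ displayName = 'Microsoft Edge'; version = '120.0.0.0' }) },
    [pscustomobject]@{ id = '00000000-0000-0000-0000-000000000002'; deviceName = '=LAPTOP-002'
        detectedApps = @([pscustomobject]@{ displayName = '@TikTok helper'; version = '2.1' }) },
    [pscustomobject]@{ id = '00000000-0000-0000-0000-000000000003'; deviceName = 'LAPTOP-003'
        detectedApps = $null }   # device that has not reported an app inventory
)

function ConvertTo-SafeCell {
    # Excel treats cells starting with = + - @ as formulas; a leading quote
    # makes it display the device- or app-supplied name as plain text.
    param([string]$Value)
    if ($Value -match '^[=+\-@]') { "'" + $Value } else { $Value }
}

function Get-DetectedAppMatch {
    # Emits one object per (device, matching app); non-matching apps are skipped.
    param(
        [Parameter(Mandatory)] [object[]]$Device,
        [Parameter(Mandatory)] [string]$AppName
    )
    foreach ($item in $Device) {
        # foreach does not iterate when detectedApps is $null (PowerShell 3.0+)
        foreach ($app in $item.detectedApps) {
            if ($app.displayName -like $AppName) {
                [pscustomobject]@{
                    DeviceName = ConvertTo-SafeCell $item.deviceName
                    DeviceId   = $item.id
                    AppName    = ConvertTo-SafeCell $app.displayName
                    AppVersion = $app.version
                }
            }
        }
    }
}

$found = @(Get-DetectedAppMatch -Device $sampleDevices -AppName '*Tik*')
# -UseCulture picks the list separator that the local Excel expects
$found | Export-Csv -Path (Join-Path $env:TEMP 'Tiktok_Windows.csv') -NoTypeInformation -UseCulture
$found | Format-Table -AutoSize
```

With the sample data this yields two rows, one for LAPTOP-001 and one for the second device, whose name and app name are written with a leading quote.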
Have a good one!