Powershell Script with WPF GUI to onboard Devices to Intune through Microsoft GRAPH API

With this script you can automatically onboard (register) or re-assign Windows Devices onto your Organization Intune, without having to perfom all the related manual tasks such as: Unencrypting the System Disk, Enabling Windows Recovery, Checking and applying a specific Autopilot Profile, Assigning the Device to a specific User.

It relies on an "Azure Application" with all the necessary previleges to perform all the actions needed through Microsoft GRAPH API, so Devices can remotely be onboarded, without needing the presence of an IT account previliged User by the Device premises.

It also checks Hardware and Software to ensure the device being onbaorded is compatible with the latest Windows 11 release. (TPM Version, SecureBoot, CPU Architecure/Family, Avaliable Memory, OS Version, OS Build)

It logs every step to a local log file located at C:\ProgramData\Autopilot_serialNumber_LOG.txt file and uploads this log file to Azure Storage. It also uploads all the script actions and outputs to Azure Log Analytics (Workbook_Screenshot.jpg), where with a simple Workbook you can showcase all onboarding attempts by the Tool.

ALL NEEDED FIELDS IN THE SCRIPT HAVE "#ChangeMe" STRING SO THEY CAN BE EASILY IDENTIFIED AND ALTERED TO YOUR VALUES, just use Find.

Application Read Microsoft Intune device configuration and policies Yes Granted for your Company Azure

Application Read Microsoft Intune devices Yes Granted for your Company Azure

Application Read and write Microsoft Intune configuration Yes Granted for your Company Azure

Application Read directory data Yes Granted for your Company Azure