Close Encounters of Fiddler

Close Encounters of Fiddler

This blog will show you how to combine the power of Fiddeler and PowerShell.

Did you ever wonder how you could automate your Microsoft365 deployments? It’s a lot of work to configure conditional access, device configurations, update settings, and compliance settings manually… and we haven’t even talked about the risk of human error.

The Top 7: How To Reduce Manufacturing Human Error - Learnaboutgmp:  Accredited Online Life Science Training Courses

For all these worries and concerns automation is your solution!!!!!

How does it work?

First, we need Fiddler and PowerShell. Download and install Fiddler.

https://www.telerik.com/download/fiddler

When you have installed Fiddler please make sure you enable the possibility to decrypt HTTPS. Otherwise, you wouldn’t see much information.

Now we have everything in place open the Intune web portal.

Go and create a conditional access rule in Intune. When saving your conditional access rule, you will need to take a good look at Fiddler. Make sure you select inspectors and text view(or raw).

Very Nice… Now you’ve got all the information you need to replicate it with PowerShell.

  1. The host address: main.iam.ad.ext.azure.com. You will need to make a REST API on Azure.  Remember the resource: 74658136-14ec-4630-ad9b-26e160ff0fc6 –> Azure PowerShell
  2.  The URL, Add the host address: https://main.iam.ad.ext.azure.com/api/policies.
  3.  JSON: Copy/paste the information into a variable.

Okay? What now? One script to rule them all!

login-azurermaccount

$context = Get-AzureRmContext
$tenantId = $context.Tenant.Id
$refreshToken = @($context.TokenCache.ReadItems() | where {$_.tenantId -eq $tenantId -and $_.ExpiresOn -gt (Get-Date)})[0].RefreshToken
$body = "grant_type=refresh_token&refresh_token=$($refreshToken)&resource=74658136-14ec-4630-ad9b-26e160ff0fc6"
$apiToken = Invoke-RestMethod "https://login.windows.net/$tenantId/oauth2/token" -Method POST -Body $body -ContentType 'application/x-www-form-urlencoded'

$header = @{
'Authorization' = 'Bearer ' + $apiToken.access_token
'Content-Type' = 'application/json'
    'X-Requested-With'= 'XMLHttpRequest'
    'x-ms-client-request-id'= [guid]::NewGuid()
    'x-ms-correlation-id' = [guid]::NewGuid()
    }

$url = "https://main.iam.ad.ext.azure.com/api/Policies"

$content = 'PUT JSON CONTENT HERE'

Invoke-RestMethod –Uri $url –Headers $header –Method Post -Body $content -ErrorAction Stop

Now take a look at your conditional access rules, that’s what I call automation! Please don’t forget to turn Off the conditional rules before you export them.

You could really lock yourself out when importing enabled conditional access rules in another tenant!

Conclusion:

If you want to know how to change a Microsoft 365 setting with PowerShell, use Fiddler! Conditional access rules are just one of the many examples you could automate. Congratulations, you just automated the deployment of compliance settings, device configurations, and azure settings with PowerShell.

The Riddler GIFs - Get the best GIF on GIPHY

Leave a Reply

Your email address will not be published. Required fields are marked *

  +  60  =  61