Close Encounters of Fiddler

Close Encounters of Fiddler

*The power of combining Fiddler and PowerShell.

Did you ever wonder how to automate Office365 deployment? It’s a lot of work to configure conditional access, device configurations, update settings and compliance settings manually… and we haven’t even talked about the risk of human error. For all these worries and concerns automation is your solution.

*How does it work?

First, we need Fiddler and PowerShell. Download and install Fiddler, don’t forget to configure the SSL decrypt settings and open the Intune web portal.

https://www.telerik.com/download/fiddler

Go and create a conditional access rules in Intune. When saving your conditional access rule, take a look at fiddler. Make sure you select inspectors and text view.

Very Nice… Now you’ve got all the information you need to replicate it with PowerShell.

  1. The host address: main.iam.ad.ext.azure.com. You will need to make a REST API on Azure.  Remember the resource: 74658136-14ec-4630-ad9b-26e160ff0fc6
  2.  The URL, Add the host address: https://main.iam.ad.ext.azure.com/api/policies.
  3.  JSON: Copy/paste the information into a variable.

Okay? What now? One script to rule them all!

login-azurermaccount

$context = Get-AzureRmContext
$tenantId = $context.Tenant.Id
$refreshToken = @($context.TokenCache.ReadItems() | where {$_.tenantId -eq $tenantId -and $_.ExpiresOn -gt (Get-Date)})[0].RefreshToken
$body = "grant_type=refresh_token&refresh_token=$($refreshToken)&resource=74658136-14ec-4630-ad9b-26e160ff0fc6"
$apiToken = Invoke-RestMethod "https://login.windows.net/$tenantId/oauth2/token" -Method POST -Body $body -ContentType 'application/x-www-form-urlencoded'

$header = @{
'Authorization' = 'Bearer ' + $apiToken.access_token
'Content-Type' = 'application/json'
    'X-Requested-With'= 'XMLHttpRequest'
    'x-ms-client-request-id'= [guid]::NewGuid()
    'x-ms-correlation-id' = [guid]::NewGuid()
    }

$url = "https://main.iam.ad.ext.azure.com/api/Policies"

$content = PUT JSON CONTENT HERE

Invoke-RestMethod –Uri $url –Headers $header –Method Post -Body $content -ErrorAction Stop

Now take a look at your conditional access rules, that’s what I call automation!

Conclusion:

If you want to know how to change a Microsoft 365 setting with PowerShell, use Fiddler! Conditional access rules are just one of the many examples you can automate. You can do the same with compliance settings, device configurations and azure settings.

Leave a Reply

Your email address will not be published. Required fields are marked *