Get Powershell and Bash Scripts back from Intune using MS Graph

If you read this post, it’s because we are the same. You cannot find where you stored your script.

You succeeded to run a script from Intune either for proactive remediations or MacOS Custom Attributes. Sadly, you can’t find the script you wrote and you would like to have it back from Intune.

Using the Intune console, you cannot download the script you uploaded.

However, there is a way to get it back using Graph API. It works for bash scripts and powershell scripts you lost.

Use Graph Explorer (one of my best friends)

Let’s begin the research in the node where the PS scripts are : https://graph.microsoft.com/beta/deviceManagement/deviceManagementScripts

Then, let’s dig a bit further using the id of the script you want to get back. You can find this id either in the Graph Explorer or directly in the web console URL

You will observe an base-64 encoded content in the « scriptcontent » field.

Let’s decrypt that to text then. Copy it and paste it either in an online decoder or using your favorite editor : Visual Studio Code

I use an extension to do it and i get this result :

And here you are, with your script back !

Additionnal kind of scripts

You can get your proactive remediations using this API : https://graph.microsoft.com/beta/deviceManagement/deviceHealthScripts/idofyourscript

You can get your bash script for Custom Attributes MacOS using this API : https://graph.microsoft.com/beta/deviceManagement/deviceCustomAttributeShellScripts/idofyourscript

Same song again. You copy the base-64 encoded content and decode it with your editor.

Cheers !