Hello all,
I'm updating this entire thread for brevity, as I've been researching this situation and I've learned a few things.
- The Detection Script will check for a condition, in my case if a MAK license is installed on a device (a laptop). No output is required other than the value of 0 for an unlicensed device.
- If a license is not detected, it should output that value which should in turn refer this device to the Remediation Script (if refer is the right word)
- The Remediation Script should then activate the device with a valid MAK license using slmgr.
- I've added 5 pilot devices to a group in Intune to test.
Questions - What conditions must be present for this custom script to run and activate the device?
- Is any kind of credential required to run the script?
- How is the script run, would it be when the device is restarted or should it run on some kind of schedule?
And more importantly:
- Must the device be joined to Azure AD before the script will run against it?
- These are workgroup devices that have not been joined to the on-prem AD.
- They have been onboarded to Intune.
The Detection script is simple:
$license = get-ciminstance softwarelicensingproduct | where-object {$_.PartialProductKey}
# check if the license object is a MAK license
if ($license.description -like "*MAK*") {
# if it is a MAK license, exit with error code 1
exit 1
} else {
# if it is not a MAK license, exit with error code 0
exit 0
}
Thanks in advance.
