This repository provides a curated collection of Microsoft Intune remediation scripts designed to support enterprise endpoint administrators and automation engineers. The scripts are written in PowerShell and organized into detection and remediation components that align with Intune's remediation framework.
These resources were originally assembled for a conference session and serve as a reference library for demonstrations, hands-on labs, and real-world deployment scenarios.
- Detection — Scripts used to determine compliance or configuration state.
- Remediation — Scripts that correct issues identified by the detection logic.
- Templates — Reusable foundations for creating new detection/remediation scripts.
- Examples — Supplemental reference scripts and session materials.
```
/Detection     # Intune detection scripts
/Remediation   # Intune remediation scripts
/Templates     # Starter templates for building your own scripts
/Examples      # Additional helpers, demos, or extras used in the session
```
- Identify the script you want to deploy.
- Download it using Raw view or clone the repository.
- In Intune, go to:
  - Devices → Remediations → Create remediation
- Upload the detection and remediation scripts as required.
- Assign to a test group, verify behavior, then deploy more broadly.
- Detection scripts should exit with:
  - 0 → Compliant
  - 1 → Non-compliant
- Remediation scripts should correct the state and return 0 on success.
Testing locally is recommended:
```powershell
# Run detection
pwsh .\Detect-Something.ps1
$LASTEXITCODE
# Run remediation
pwsh .\Remediate-Something.ps1
```

- Detection scripts: Read-only by default. They scan file paths, per-user profiles, and (where included) registry uninstall entries to detect installed software. Output is a compact JSON object written to stdout and an exit code Intune understands. Detection will only write local files if explicitly enabled via a logging parameter.
- Remediation scripts: Idempotent and non-interactive. Remediations perform safe changes using quiet installer switches, ShouldProcess where appropriate, and attempt to avoid destructive actions. They should be tested in a controlled group before broad deployment.
- Exit codes (common patterns):
  - 0 = Success / Compliant (no remediation required or remediation succeeded)
  - 1 = Non-compliant or remediation required/failed (script-dependent semantics)
  - Additional exit codes may be used by remediation scripts to signal specific failures (see individual script headers for details).
- Idempotence & Safety: Remediation scripts compare versions or check state before making changes to ensure repeated runs are safe. Detection scripts avoid altering system state unless logging is enabled.
- Caveats: Validate scripts in a test environment. Do not include tenant-specific secrets or identifiers in scripts. Network downloads and installer execution depend on target device connectivity and local policy.
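A detection script that follows the conventions listed above (read-only registry scan, compact JSON on stdout, exit 0 or 1, local logging only when a parameter enables it), shown as an added example that is not one of this repository's scripts. The product name, minimum version and the `-LogPath` parameter are hypothetical, and treating "not installed" or a scan error as non-compliant is an assumption of this example.

```powershell
# Added example, not a script from this repository.
# 'Contoso Agent', the version baseline and -LogPath are hypothetical placeholders.
[CmdletBinding()]
param(
    [string]  $DisplayName    = 'Contoso Agent',  # hypothetical product name
    [version] $MinimumVersion = '2.4.0',          # hypothetical baseline
    [string]  $LogPath                            # empty = no local file writes
)

$ErrorActionPreference = 'Stop'
$uninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
    'HKLM:\SOFTWARE\WOW6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
)
$result = [ordered]@{
    name = $DisplayName; installed = $false; version = $null
    compliant = $false; error = $null
}

try {
    # Read-only: enumerate uninstall entries and match on the exact display name.
    $entry = Get-ItemProperty -Path $uninstallRoots -ErrorAction SilentlyContinue |
        Where-Object { $_.DisplayName -eq $DisplayName } |
        Select-Object -First 1

    if ($entry) {
        $result.installed = $true
        $result.version   = [string]$entry.DisplayVersion
        # DisplayVersion is free-form text; an unparseable value stays non-compliant.
        $parsed = $null
        if ([version]::TryParse($result.version, [ref]$parsed)) {
            $result.compliant = ($parsed -ge $MinimumVersion)
        }
    }
}
catch {
    # Assumption of this example: a failed scan reports non-compliant with the reason.
    $result.error = $_.Exception.Message
}

# Compact JSON on a single stdout line, no secrets or tenant identifiers.
$json = $result | ConvertTo-Json -Compress
Write-Output $json

# Local logging is opt-in; a logging failure must not change the detection result.
if ($LogPath) {
    Add-Content -Path $LogPath -Value ("{0} {1}" -f (Get-Date -Format o), $json) -ErrorAction SilentlyContinue
}

if ($result.compliant) { exit 0 } else { exit 1 }
```

Run it locally the same way as the detection command shown earlier and check `$LASTEXITCODE` afterwards.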
- Windows 10/11 device managed through Microsoft Intune
- Appropriate Intune permissions to create and deploy remediations
- PowerShell (5.x or 7.x depending on script requirements)
- Additional module requirements documented in individual script headers
A tagged Release is available containing the exact scripts used during the session. This ensures attendees can easily follow demos or reproduce the workflows shown.
All scripts are provided as-is without warranty. Validate functionality in a controlled environment before deploying to production systems.
Feedback, suggestions, and contributions are welcome. Please open an Issue or submit a Pull Request if you would like to recommend improvements or add new remediation examples.
This project is licensed under the MIT License.