@DamagedDingo
Last active November 7, 2025 01:19
<#
---------------------------------------------------------------------------------------------------
DetectionOnly-Script.ps1
---------------------------------------------------------------------------------------------------
RELATED EXAMPLE:
    Combined Detection and Remediation Example:
    https://gist.github.com/DamagedDingo/07d620cc5a633a33d36177be306eff41#file-combined-detection-and-remediation-example-ps1

PURPOSE:
    Demonstrates a stand-alone “Detection” script in Intune — though in reality,
    this is just a PowerShell script that Intune runs and monitors the exit code of.
    There is no health logic, no remediation pair, and no “healthy/unhealthy” outcome.
    The name “Detection” causes confusion. Intune only cares whether:
        - The SCRIPT ran successfully (Exit 0)
        - The SCRIPT failed or threw an error (Exit 1)

CRITICAL DIFFERENCE TO THE COMBINED EXAMPLE:
    In the Detection + Remediation pair:
        - Exit 1 (try block)   = Unhealthy → Trigger remediation
        - Exit 0 (catch block) = Healthy   → No remediation
    In THIS detection-only example:
        - Exit 0 (try block)   = Script ran successfully
        - Exit 1 (catch block) = Script failed
    That’s the reversal you must notice — the “Exit 0” now lives in the TRY block.
    It’s the opposite of the detection/remediation pair example linked above.

INTUNE COLUMNS:
    Exit 0 → "Pre-remediation detection OUTPUT"
    Exit 1 → "Pre-remediation detection ERROR"
    Both columns are hidden by default — enable them under Device status > Columns.

IMPORTANT RULE:
    Only ONE Write-Output per exit path will be sent back to Intune.
    If you Write-Output multiple times before exit, only the final one is captured.
    That’s why each path below has a single Write-Output immediately before Exit.

WRITE-ERROR NOTE:
    Do NOT use Write-Error.
    It terminates the script immediately and Intune never receives the message.
    Always use Write-Output first, then Exit.
---------------------------------------------------------------------------------------------------
#>
try {
    # --- TRY BLOCK -------------------------------------------------------
    # This is where the main work happens.
    # In this harmless example, we’re just writing a timestamp file.
    # -ErrorAction Stop makes cmdlet errors terminating, so a failed
    # New-Item or Set-Content actually lands in the catch block below.
    $path = 'C:\Temp'
    if (-not (Test-Path $path)) {
        New-Item -Path $path -ItemType Directory -ErrorAction Stop | Out-Null
    }
    $timestamp = Get-Date -Format 'yyyy-MM-dd HH:mm:ss'
    Set-Content -Path "$path\DetectionOnlyLog.txt" -Value "Script ran at $timestamp" -ErrorAction Stop

    # --- SUCCESS PATH ----------------------------------------------------
    # One Write-Output → One Exit.
    # This message appears in "Pre-remediation detection OUTPUT".
    Write-Output "Script succeeded (Exit 0). Timestamp written to $path\DetectionOnlyLog.txt"
    exit 0
}
catch {
    # --- FAILURE PATH ----------------------------------------------------
    # The script failed to complete.
    # One Write-Output → One Exit.
    # This message appears in "Pre-remediation detection ERROR".
    Write-Output "Script failed (Exit 1). The error is: $($_.Exception.Message)"
    exit 1
}
# ---[End of Script]-------------------------------------------------------------------
# Summary:
#   Combined Detection + Remediation pair:
#       try   → exit 1 → Unhealthy → Trigger remediation
#       catch → exit 0 → Healthy
#
#   Detection-only script (this file):
#       try   → exit 0 → Script succeeded
#       catch → exit 1 → Script failed
#
#   Remember: only one Write-Output per exit path is captured by Intune.
# -------------------------------------------------------------------------------------
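
The one-Write-Output rule described in the header matters most when a script performs several checks. The following is an added example, not part of the original gist, that folds multiple results into a single line before exiting; the function name `Get-CheckSummary` and the checks themselves (the `WinDefend` service, `C:\Temp`) are illustrative assumptions.

```powershell
# Added example (not the gist author's code): several checks, ONE Write-Output per exit path.
# Assumption: the checks below are illustrative; swap in whatever you need to report.
$ErrorActionPreference = 'Stop'   # cmdlet errors become terminating, so catch is reached

function Get-CheckSummary {
    # Runs every check and returns a single line of text, so that one
    # Write-Output can carry all results back to the Intune column.
    param([Parameter(Mandatory)][hashtable]$Checks)

    $results = foreach ($name in ($Checks.Keys | Sort-Object)) {
        $value = & $Checks[$name]      # invoke the check's script block
        "$name=$value"
    }
    return ($results -join '; ')
}

try {
    # Each entry: a label and a script block that returns one short value.
    $checks = @{
        'WinDefendStatus' = { (Get-Service -Name 'WinDefend').Status }
        'TempDirExists'   = { Test-Path -Path 'C:\Temp' }
        'PSVersion'       = { $PSVersionTable.PSVersion.ToString() }
    }

    $summary = Get-CheckSummary -Checks $checks

    # Success path: one Write-Output, then exit 0.
    Write-Output "Script succeeded (Exit 0). $summary"
    exit 0
}
catch {
    # Failure path: any check that threw (for example, a missing service)
    # ends up here. One Write-Output, then exit 1.
    Write-Output "Script failed (Exit 1). The error is: $($_.Exception.Message)"
    exit 1
}
```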