docs: message Howard about new intune-manager remediation tier
Added detailed message about the new intune-manager tier: - 7th remediation-tool tier with full Intune Graph API access - Device management, compliance, apps, privileged operations - Vault file already synced to all machines - Use cases: Intune setup, iPad enrollment, MDM certs Machine: Mikes-MacBook-Air.local Timestamp: 2026-04-21 20:38:58 Co-Authored-By: Claude Sonnet 4.5 <noreply@anthropic.com>
This commit is contained in:
@@ -9,3 +9,45 @@ Check this file at sync. Delete items after you've addressed them.
|
|||||||
**Rates:** Syncro auto-calculates from the product's configured rate — no hardcoding needed. I've updated syncro.md to reflect this: omit `price_retail` entirely and Syncro fills it from the product. Your $175 ticket is fine; that's what the product is set to.
|
**Rates:** Syncro auto-calculates from the product's configured rate — no hardcoding needed. I've updated syncro.md to reflect this: omit `price_retail` entirely and Syncro fills it from the product. Your $175 ticket is fine; that's what the product is set to.
|
||||||
|
|
||||||
**vault.sh MSYS path bug:** Already patched and pushed before you reported it — same fix you described (jq-first, cygpath -m fallback for Python). Should work on HOWARD-HOME now. Pull and test.
|
**vault.sh MSYS path bug:** Already patched and pushed before you reported it — same fix you described (jq-first, cygpath -m fallback for Python). Should work on HOWARD-HOME now. Pull and test.
|
||||||
|
|
||||||
|
---
|
||||||
|
|
||||||
|
## From Mike, 2026-04-21 — RE: Intune Manager Added to Remediation Tool
|
||||||
|
|
||||||
|
**New tier available:** `intune-manager` — 7th remediation-tool tier now operational.
|
||||||
|
|
||||||
|
**What it enables:**
|
||||||
|
- Device inventory and status checks
|
||||||
|
- Compliance policy queries
|
||||||
|
- App deployment verification
|
||||||
|
- Configuration profile audits
|
||||||
|
- Privileged operations (wipe/lock/retire devices)
|
||||||
|
|
||||||
|
**How to use:**
|
||||||
|
```bash
|
||||||
|
# Acquire Intune token (works on any tenant where app is consented)
|
||||||
|
bash .claude/skills/remediation-tool/scripts/get-token.sh <tenant-id> intune-manager
|
||||||
|
|
||||||
|
# Or invoke via /remediation-tool command
|
||||||
|
# Claude will automatically use this tier for Intune-related tasks
|
||||||
|
```
|
||||||
|
|
||||||
|
**Graph API permissions (all active):**
|
||||||
|
- DeviceManagementManagedDevices.Read.All
|
||||||
|
- DeviceManagementManagedDevices.ReadWrite.All
|
||||||
|
- DeviceManagementManagedDevices.PrivilegedOperations.All
|
||||||
|
- DeviceManagementConfiguration.ReadWrite.All
|
||||||
|
- DeviceManagementApps.ReadWrite.All
|
||||||
|
- DeviceManagementRBAC.Read.All
|
||||||
|
- DeviceManagementServiceConfig.ReadWrite.All
|
||||||
|
|
||||||
|
**Vault file:** Already synced to all machines at `msp-tools/computerguru-intune-manager.sops.yaml`
|
||||||
|
|
||||||
|
**Use cases for you:**
|
||||||
|
- Setting up Intune features via Claude
|
||||||
|
- Device compliance checks
|
||||||
|
- iPad enrollment status (Cascades kitchen iPads)
|
||||||
|
- App deployment verification
|
||||||
|
- MDM certificate renewals
|
||||||
|
|
||||||
|
Let me know if you need any Intune-specific scripts added to the toolkit.
|
||||||
|
|||||||
Reference in New Issue
Block a user