SMSAgentSoftware/Get-MgDeviceRemediationsStatus.ps1

## Get-MgDeviceRemediationsStatus.ps1
Function Get-MgDeviceRemediationsStatus {
    [CmdletBinding()]
    Param
    (
        [Parameter(Mandatory=$true)]
        [ValidateNotNull()]
        [ValidateNotNullOrEmpty()]
        [string[]]
        $Computername
    )

    # Requires the Microsoft Graph PowerShell SDK (Microsoft.Graph.*)
    # MS Graph required permissions (delegated)
    # DeviceManagementManagedDevices.Read.All
    # DeviceManagementConfiguration.Read.All

    Begin
    {
        # Get NuGet
        $provider = Get-PackageProvider NuGet -ErrorAction Ignore
        if (-not $provider)
        {
            Write-Host "Installing provider NuGet..." -NoNewline
            try
            {
                Find-PackageProvider -Name NuGet -ForceBootstrap -IncludeDependencies -Force -ErrorAction Stop -WarningAction SilentlyContinue
                Write-Host "Success" -ForegroundColor Green
            }
            catch
            {
                Write-Host "Failed" -ForegroundColor Red
                throw $_.Exception.Message
            }
        }

        $module = Import-Module Microsoft.Graph.DeviceManagement -PassThru -ErrorAction Ignore
        if (-not $module)
        {
            Write-Host "Installing module Microsoft.Graph.DeviceManagement..." -NoNewline
            try
            {
                Install-Module Microsoft.Graph.DeviceManagement -Scope CurrentUser -Force -ErrorAction Stop -WarningAction SilentlyContinue
                Write-Host "Success" -ForegroundColor Green
            }
            catch
            {
                Write-Host "Failed" -ForegroundColor Red
                throw $_.Exception.Message
            }
        }

        $module = Import-Module Microsoft.Graph.Beta.DeviceManagement -PassThru -ErrorAction Ignore
        if (-not $module)
        {
            Write-Host "Installing module Microsoft.Graph.Beta.DeviceManagement..." -NoNewline
            try
            {
                Install-Module Microsoft.Graph.Beta.DeviceManagement -Scope CurrentUser -Force -ErrorAction Stop -WarningAction SilentlyContinue
                Write-Host "Success" -ForegroundColor Green
            }
            catch
            {
                Write-Host "Failed" -ForegroundColor Red
                throw $_.Exception.Message
            }
        }

        try
        {
            $null = Connect-MgGraph -Scopes "DeviceManagementManagedDevices.Read.All","DeviceManagementConfiguration.Read.All" -ErrorAction Stop
        }
        catch
        {
            throw $_.Exception.Message
        }

    }
    Process
    {
        foreach ($Computer in $Computername)
        {
            # Find managed device in Graph
            try
            {
                $Device = Get-MgDeviceManagementManagedDevice -Filter "deviceName eq '$Computer'" -ErrorAction Stop
            }
            catch
            {
                Write-Error $_.Exception.Message
                continue
            }

            # Make sure only 1 result returned
            if ($null -eq $Device)
            {
                Write-Error "Device not found"
                continue
            }
            if ($Device.Count -gt 1)
            {
                Write-Error "Multiple devices found with the name '$Computer'. Device names must be unique."
                continue
            }

            # Get the remediations status
            try
            {
                $result = Get-MgBetaDeviceManagementManagedDeviceHealthScriptState -ManagedDeviceId $Device.id -All -ErrorAction Stop
            }
            catch
            {
                Write-Error $_.Exception.Message
                continue
            }

            # Select only the desired properties
            if ($result.Count -lt 1)
            {
                Write-Warning "No remediations status found for '$Computer'"
                continue
            }
            $result = $result | Select -Property * -Unique
            $Properties = @("DeviceName","PolicyName","UserName","LastStateUpdateDateTime","DetectionState","RemediationState","PreRemediationDetectionScriptOutput","PreRemediationDetectionScriptError","RemediationScriptError","PostRemediationDetectionScriptOutput","PostRemediationDetectionScriptError")
            ($result | Select -Property $Properties | Sort PolicyName)
        }
    }
    End
    {
        $null = Disconnect-MgGraph
    }
}

# Example usage
Get-MgDeviceRemediationsStatus -Computername "PC001","PC002" | Out-GridView
	Function Get-MgDeviceRemediationsStatus {
	[CmdletBinding()]
	Param
	(
	[Parameter(Mandatory=$true)]
	[ValidateNotNull()]
	[ValidateNotNullOrEmpty()]
	[string[]]
	$Computername
	)

	# Requires the Microsoft Graph PowerShell SDK (Microsoft.Graph.*)
	# MS Graph required permissions (delegated)
	# DeviceManagementManagedDevices.Read.All
	# DeviceManagementConfiguration.Read.All

	Begin
	{
	# Get NuGet
	$provider = Get-PackageProvider NuGet -ErrorAction Ignore
	if (-not $provider)
	{
	Write-Host "Installing provider NuGet..." -NoNewline
	try
	{
	Find-PackageProvider -Name NuGet -ForceBootstrap -IncludeDependencies -Force -ErrorAction Stop -WarningAction SilentlyContinue
	Write-Host "Success" -ForegroundColor Green
	}
	catch
	{
	Write-Host "Failed" -ForegroundColor Red
	throw $_.Exception.Message
	}
	}

	$module = Import-Module Microsoft.Graph.DeviceManagement -PassThru -ErrorAction Ignore
	if (-not $module)
	{
	Write-Host "Installing module Microsoft.Graph.DeviceManagement..." -NoNewline
	try
	{
	Install-Module Microsoft.Graph.DeviceManagement -Scope CurrentUser -Force -ErrorAction Stop -WarningAction SilentlyContinue
	Write-Host "Success" -ForegroundColor Green
	}
	catch
	{
	Write-Host "Failed" -ForegroundColor Red
	throw $_.Exception.Message
	}
	}

	$module = Import-Module Microsoft.Graph.Beta.DeviceManagement -PassThru -ErrorAction Ignore
	if (-not $module)
	{
	Write-Host "Installing module Microsoft.Graph.Beta.DeviceManagement..." -NoNewline
	try
	{
	Install-Module Microsoft.Graph.Beta.DeviceManagement -Scope CurrentUser -Force -ErrorAction Stop -WarningAction SilentlyContinue
	Write-Host "Success" -ForegroundColor Green
	}
	catch
	{
	Write-Host "Failed" -ForegroundColor Red
	throw $_.Exception.Message
	}
	}

	try
	{
	$null = Connect-MgGraph -Scopes "DeviceManagementManagedDevices.Read.All","DeviceManagementConfiguration.Read.All" -ErrorAction Stop
	}
	catch
	{
	throw $_.Exception.Message
	}

	}
	Process
	{
	foreach ($Computer in $Computername)
	{
	# Find managed device in Graph
	try
	{
	$Device = Get-MgDeviceManagementManagedDevice -Filter "deviceName eq '$Computer'" -ErrorAction Stop
	}
	catch
	{
	Write-Error $_.Exception.Message
	continue
	}

	# Make sure only 1 result returned
	if ($null -eq $Device)
	{
	Write-Error "Device not found"
	continue
	}
	if ($Device.Count -gt 1)
	{
	Write-Error "Multiple devices found with the name '$Computer'. Device names must be unique."
	continue
	}

	# Get the remediations status
	try
	{
	$result = Get-MgBetaDeviceManagementManagedDeviceHealthScriptState -ManagedDeviceId $Device.id -All -ErrorAction Stop
	}
	catch
	{
	Write-Error $_.Exception.Message
	continue
	}

	# Select only the desired properties
	if ($result.Count -lt 1)
	{
	Write-Warning "No remediations status found for '$Computer'"
	continue
	}
	$result = $result \| Select -Property * -Unique
	$Properties = @("DeviceName","PolicyName","UserName","LastStateUpdateDateTime","DetectionState","RemediationState","PreRemediationDetectionScriptOutput","PreRemediationDetectionScriptError","RemediationScriptError","PostRemediationDetectionScriptOutput","PostRemediationDetectionScriptError")
	($result \| Select -Property $Properties \| Sort PolicyName)
	}
	}
	End
	{
	$null = Disconnect-MgGraph
	}
	}

	# Example usage
	Get-MgDeviceRemediationsStatus -Computername "PC001","PC002" \| Out-GridView