/
Microsoft Intune to JSM Assets

Microsoft Intune to JSM Assets

Import devices, applications, users and other attributes from Intune to JSM Assets.

Connect OnLink to Entra (Azure AD) using instructions here https://onwardb.atlassian.net/wiki/spaces/ONLINK/pages/24870947/Entra+ID+formerly+Azure+AD. This connection helps OnLink connect to Intune as well.

Here’s a demo video showing integration between Microsoft Intune and JSM Assets:

https://www.loom.com/share/1067e65526244ee890c9cb37360414d1

Please review instructions here to get started with setting up an Assets import configuration. You can then access OnLink app from the “Manage your apps” menu to further configure and set the field level mapping. Here’s an example configuration:

 

image-20240323-031909.png

 

 

 

 

  1. Set a descriptive name for this map

  2. Set source system to Microsoft Intune

  3. Asset Schema is pre-filled. This is the schema in JSM Assets on which you started the configuration.

  4. Select the Object Type within your schema.

  5. Select schedule frequency

  6. Attribute mapping - see below for more details.

 

Sample Intune Object Schema

 

image-20240323-032002.png

 

 

 

Here’s the associated mapping

key:id=id
map:userId=userId
map:emailAddress=Jira User
map:deviceName=deviceName
map:model=deviceModel
map:operatingSystem=operatingSystem
map:complianceState=complianceState
map:managementAgent=managementAgent

 

Below is a detailed breakdown of each of the mapping items:

Key or Map

Description

Key or Map

Description

key:id=id

The keyword “key” refers to using id (from Intune) as a unique identifier. This allows OnLink to update the record.

map:userId=userId

Maps userId from Intune userId text attribute; additional details about user can be imported from Entra ID.

map:emailAddress=Jira User

The emailAddress field containing email address of user associated with the device is mapped to Jira User. Jira User is an attribute of type “User” - OnLink automatically looks-up the Atlassian User object based on the email address.

map:userId=userIdRef|WorkerID=${userId}

This maps userId from Intune to user object. WorkerID is the unique ID on the user object.

map:model=deviceModel

Maps model property from Intune. Any field (string, boolean, date) from Intune API can be used as the source field. Here’s the list of fields: https://learn.microsoft.com/en-us/graph/api/resources/intune-devices-manageddevice?view=graph-rest-1.0#properties

Here are some common fields:

userId
complianceState
deviceName
enrolledDateTime
operatingSystem
jailBroken
osVersion
azureADRegistered
activationLockBypassCode
deviceCategoryDisplayName
isEncrypted
model
manufacturer
serialNumber
managedDeviceName
managementAgent

Get Apps Detected with Associated Devices

Create an object for Apps with AppID, AppName and Devices fields. Devices can be a reference to your existing Devices object.

Create an OnLink importer with this mapping. This imports all apps with devices that have those apps installed.

key:id=AppID
map:displayName=AppName
map:devices=Devices|ID=${devices}
config:data_source=/v1.0/deviceManagement/detectedApps?$top=999
config:section=devices

config:filter=deviceName eq null or deviceName eq ''

Optional parameter to add filter to list devices; any valid filter expression can be used here

config:data_limit=100

Optional parameter to limit the number of users to pull from Intune. This can be used for initial testing.

OnLink processes data in two steps - Get Data and Import Data. To manually test, you can click on Get Data first and then wait until you see “No more pending records. Data will be imported on next Import run.” message in Job Logs. Then, click on Import. Production runs are fully automated based on the schedule you choose.

image-20240318-045922.png

Ensure the application you register in Azure AD has the below permissions.

image-20240323-233743.png