Manage File Type Associations for multiple entities or departments

The purpose of this blog post is to inform you how to manage the File Type Associations for multiple entities or departments via a Microsoft List and make it easier to maintain the File Type Associations.

In my previous blog posts, I explained how to manage file type associations via Intune with a Custom Configuration Policy and a Settings catalog policy and how to manage the File Type Association via Microsoft List with a setting catalog policy.

As I already have explained in my previous blog post, I thought it was easier to manage the Global File Type Association via a Microsoft List. But most likely you have in your organization several departments or even entities.  Some entities or departments what a deviation or an add-on on one of the Global File Type Association, but it is only possible to set one File Type Association. So you have to maintain a Global list and a specific department or entity list with almost the same File Type Association.

So I decide to use Microsoft List and an Azure Logic App. I have all the managed File Type Associations in an overview. I can create deviations or add-ons per entity or department and still, I have to maintain one list.

Requirements:

  • Global Administrator
  • Azure Subscription or an Azure Logic App
  • SharePoint Site

License requirements:

  • Microsoft SharePoint
  • Microsoft Intune

Graph API Requirements:

  • DeviceManagementConfiguration.ReadWrite.All
  • DeviceManagementConfiguration.Read.All

Part 1 – Manage File Type Association via MS List

This blog post is an add-on to my previous blog post where I explained how to manage the File Type Association via a Microsoft List.

Part 2 – Extend the Microsoft List

  • Open office.com
  • Click on the menu button
  • Click on SharePoint(if you are missing the SharePoint button click on all apps)
  • Open your existing SharePoint Site with the list that you have used in my previous blog post
  • Open the Microsoft List, in my case File Type Association.
  • Click on + add column. Select Single line of text and create a new column with the following details
SettingValue
NameEntity
DescriptionE.g., Specific FTA for an entity
TypeSingle line of text
Default ValueGlobal
Use calculated valueUnchecked

Part 3 – Extend Azure Logic App

Note. Rename every Azure Logic App action to match the screenshots!

  • Open portal.azure.com
  • Search for Logic App
  • Open the File Type Association Logic app. In my case Manage_File_Type_Associations
  • Open the Logic app Designer
  • Open the action Get File Type App Association items and click on Add a new parameter
  • Select Filter Query and enter the following query
Entity eq 'Global'
  • Now we have to add new actions. Scroll down to the latest action HTTP Put – File Type Association JSON
  • First we have to initialize variables
SettingInitialize EntityFileTypeAssoc variableInitialize EntityProfileID variable
NameEntityFileTypeAssocEntityProfileID
TypeStringArray
Value[
{
“Entity”: “{entity}”,
“pid”: “{ID}”
},
{
“Entity”: “{entity}”,
“pid”: “{ID}”
}
]
  • After the variables are created, we must Parse EntityProfileID JSON via a Parse JSON action with the content of EntityProfileID and add the following schema
{
    "items": {
        "properties": {
            "Entity": {
                "type": "string"
            },
            "pid": {
                "type": "string"
            }
        },
        "required": [
            "pid",
            "Entity"
        ],
        "type": "object"
    },
    "type": "array"
}
  • It’s time to do some magic and create a For each Entity FTA Click on the 3 bullets and select Settings
  • Turn on the Concurrency Control and set Degree of Parallelism to 1 so, it run sequentially
  • Click on Done
  • The next step is to set variables to null.
Set variable EntityFileTypeAssoc to $nullSet variable FileTypeAssoc to $null
EntityFileTypeAssoc@{null}
FileTypeAssoc@{null}
  • Now we want to get the entity-specific file types. Create a Get Items action and rename to Get Entity File Type App Association items.
  • Select the same SharePoint Site Addressand the Microsoft List as you have already used in previous Get item
  • On the Get Entity File Type App Association items action click on Add a new parameter
  • Select Filter Query and enter the following query
Entity eq '@{items('For_each_Entity_FTA')['Entity']}'
  • After the get items action, we must create a For each Entity File Type App Association loop with the value of Get Entity File Type App Association items
  • Add a Compose action
<Association Identifier="@{items('For_each_Entity_File_Type_App_Association')?['Identifier']}" ProgId="@{items('For_each_Entity_File_Type_App_Association')?['ProgId0']}" ApplicationName="@{items('For_each_Entity_File_Type_App_Association')?['Title']}" />
  • After the Compose Entity File Type Association, we must create and Append to string variable action.
SETTINGVALUE
NameEntityFileTypeAssoc
Value@{outputs(‘Compose_Entity_File_Type_Association’)}
  • The For each Entity File Type App Association loop is ready, we must create another for each loop, this time For each Global FTA with the valueof Get File Type App Association items.
  • Create a condition action with the following condition
@variables('EntityFileTypeAssoc') contains @items('For_each_Global_FTA')?['Identifier']
  • We only want the global file types that are not in the entity list, so add a compose action named Compose Entity Global File Type Association in the false part of the condition.
<Association Identifier="@{items('For_each_Global_FTA')?['Identifier']}" ProgId="@{items('For_each_Global_FTA')?['ProgId0']}" ApplicationName="@{items('For_each_Global_FTA')?['Title']}" />
  • Now we create again and Append to string variable action named Append Entity Global File Type Assoc variable.
SETTINGVALUE
NameFileTypeAssoc
Value@{outputs(‘Compose_Entity_Global_File_Type_Association’)}
  • This For each Global FTA is now also ready to rock.
  • Create a new compose action to Compile Entity File Type App Association XML



@{concat(variables(‘EntityFileTypeAssoc’),variables(‘FileTypeAssoc’))}

  • The next Compose action is to encode the File Type Association XML file with Base64.
base64(outputs('Compile_Entity_File_Type_App_Association_XML'))
  • The Entity File Type Association files are ready to deploy. Create an HTTP action to get the Entity File Type Association Settings Catalog Profile Data
  • The File Type Association files are ready to deploy. Create an HTTP action in the For each Entity FTA loop to get the Settings Catalog Profile Data
SettingValue
MethodGET
Authentication TypeActive Directory OAuth
Tenant@{variables(‘TenantID’)}
Audiencehttps://graph.microsoft.com/
Client ID@{variables(‘ClientID’)}
Credential TypeSecret
Secret@{variables(‘Secret’)}
  • URI:
https://graph.microsoft.com/beta/deviceManagement/configurationPolicies/@{items('For_each_Entity_FTA')['pid']}
  • After the HTTP Get – Entity Settings Catalog Profile Data, we have the Settings Catalog profile data, and we must remove some properties to import the File Type Association XML base64 file. Create four compose actions.

Remove createdDateTime from Entity SC Profile Data:

@{removeProperty(body('HTTP_Get_-_Entity_Settings_Catalog_Profile_Data'),'createdDateTime')}

Remove lastModifiedDateTime from Entity SC Profile Data:

@{removeProperty(outputs('Remove_createdDateTime_from_Entity_SC_Profile_Data'),'lastModifiedDateTime')}

Remove settingCount from Entity SC Profile Data:

@{removeProperty(outputs('Remove_lastModifiedDateTime_from_SC_Profile_Data'),'settingCount')}

Remove id from Entity SC Profile Data:

@{removeProperty(outputs('Remove_settingCount_from_SC_Profile_Data'),'id')}
  • After we have removed the properties, we will Compile Entity Settings Catalog Profile Data Settings Definitions via a compose action
{
  "settingInstance": {
    "@@odata.type": "#microsoft.graph.deviceManagementConfigurationSimpleSettingInstance",
    "settingDefinitionId": "device_vendor_msft_policy_config_applicationdefaults_defaultassociationsconfiguration",
    "settingInstanceTemplateReference": null,
    "simpleSettingValue": {
      "@@odata.type": "#microsoft.graph.deviceManagementConfigurationStringSettingValue",
      "settingValueTemplateReference": null,
      "value": "@{outputs('Encode_Entity_File_Type_App_Association_XML_file_with_Base64')}"
    }
  }
}
  • Now it is time to built up the JSON. Create a compose action to Compile Entity Settings Catalog File Type Association JSON
@{addProperty(outputs('Remove_id_from_Entity_SC_Profile_Data'),'settings',array(outputs('Compile_Entity_Settings_Catalog_Profile_Data_Settings_Definitions')))}
  • The JSON is ready to update the Settings Catalog Profile. Create the last HTTP named HTTP Put – Entity File Type Association JSON
SettingValue
MethodGET
Authentication TypeActive Directory OAuth
Tenant@{variables(‘TenantID’)}
Audiencehttps://graph.microsoft.com/
Client ID@{variables(‘ClientID’)}
Credential TypeSecret
Secret@{variables(‘Secret’)}
Body@{outputs(‘Compile_Entity_Settings_Catalog_File_Type_Association_JSON’)}
  • URI:
https://graph.microsoft.com/beta/deviceManagement/configurationPolicies/@{items('For_each_Entity_FTA')['pid']}

Part 2 Azure Logic App flow

Result after change in File Type Association

0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.