Proactive Remediation reboot reminders via Toast Notifications
Regularly rebooting user devices is crucial for maintaining optimal performance and stability. Over time, as well all know, a computer's resources become strangled by various applications that run automatically on startup and consume memory and processing power. Restarting the device clears all processes and resources, allowing the computer to start afresh. This can also resolve hardware and software issues that may have accumulated over time. This PowerShell Intune Proactive Remediation helps remind users to reboot their computers by displaying a customizable toast notification reminder.
Detection
The code uses the PowerShell Get-ComputerInfo cmdlet to retrieve information about the computer's operating system uptime. The script then checks if the number of days since the last system reboot is greater than or equal to 7 days. If the condition is true, the script outputs a message to notify the user to reboot the device and exits with a code of 1. Alternatively, if the condition is false, the script outputs a message that indicates the number of days since the last system reboot and exits with a code of 0, which means that everything is okay. Intune will then take this output and run the remediation script as necessary.
$Uptime= get-computerinfo | Select-Object OSUptime
if ($Uptime.OsUptime.Days -ge 7){
Write-Output "Device has not rebooted in $($Uptime.OsUptime.Days) days, notify user to reboot"
Exit 1
}else {
Write-Output "Device has rebooted $($Uptime.OsUptime.Days) days ago, all good"
Exit 0
}
Remediation
The remediation script displays a toast notification on the user's device reminding them to restart their computer for performance and stability reasons. The script fetches a logo image from an external URI of your choosing and defines the notification settings such as title, header, and body text. Finally, the script sets up the XML for the toast notification and sends it to the user's device.
function Display-ToastNotification() {
$Load = [Windows.UI.Notifications.ToastNotificationManager, Windows.UI.Notifications, ContentType = WindowsRuntime]
$Load = [Windows.Data.Xml.Dom.XmlDocument, Windows.Data.Xml.Dom.XmlDocument, ContentType = WindowsRuntime]
# Load the notification into the required format
$ToastXML = New-Object -TypeName Windows.Data.Xml.Dom.XmlDocument
$ToastXML.LoadXml($Toast.OuterXml)
# Display the toast notification
try {
[Windows.UI.Notifications.ToastNotificationManager]::CreateToastNotifier($App).Show($ToastXml)
}
catch {
Write-Output -Message 'Something went wrong when displaying the toast notification' -Level Warn
Write-Output -Message 'Make sure the script is running as the logged on user' -Level Warn
}
}
# Setting image variables
$HeroImageUri = "https://yourcloudstorageprovider.com/logo.png"
$HeroImage = "$env:TEMP\ToastHeroImage.png"
$Uptime= get-computerinfo | Select-Object OSUptime
#Fetching image from uri
Invoke-WebRequest -Uri $HeroImageUri -OutFile $HeroImage
#Defining the Toast notification settings
#ToastNotification Settings
$Scenario = 'reminder' # <!-- Possible values are: reminder | short | long -->
# Load Toast Notification text
$AttributionText = "`n> Jorgeasaurus"
$HeaderText = "Computer Restart is needed!"
$TitleText = "Your device has not performed a reboot the last $($Uptime.OsUptime.Days) days"
$BodyText1 = "For performance and stability reasons we suggest a reboot at least once a week."
$BodyText2 = "Please save your work and restart your device today. Thank you in advance."
# Check for required entries in registry for when using Powershell as application for the toast
# Register the AppID in the registry for use with the Action Center, if required
$RegPath = 'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Notifications\Settings'
$App = '{1AC14E77-02E7-4E5D-B744-2EB1AE5198B7}\WindowsPowerShell\v1.0\powershell.exe'
# Creating registry entries if they don't exists
if (-NOT(Test-Path -Path "$RegPath\$App")) {
New-Item -Path "$RegPath\$App" -Force
New-ItemProperty -Path "$RegPath\$App" -Name 'ShowInActionCenter' -Value 1 -PropertyType 'DWORD'
}
# Make sure the app used with the action center is enabled
if ((Get-ItemProperty -Path "$RegPath\$App" -Name 'ShowInActionCenter' -ErrorAction SilentlyContinue).ShowInActionCenter -ne '1') {
New-ItemProperty -Path "$RegPath\$App" -Name 'ShowInActionCenter' -Value 1 -PropertyType 'DWORD' -Force
}
# Formatting the toast notification XML
[xml]$Toast = @"
<toast scenario="$Scenario">
<visual>
<binding template="ToastGeneric">
<image placement="hero" src="$HeroImage"/>
<text placement="attribution">$AttributionText</text>
<text>$HeaderText</text>
<group>
<subgroup>
<text hint-style="title" hint-wrap="true" >$TitleText</text>
</subgroup>
</group>
<group>
<subgroup>
<text hint-style="body" hint-wrap="true" >$BodyText1</text>
</subgroup>
</group>
<group>
<subgroup>
<text hint-style="body" hint-wrap="true" >$BodyText2</text>
</subgroup>
</group>
</binding>
</visual>
<actions>
<action activationType="system" arguments="dismiss" content="$DismissButtonContent"/>
</actions>
</toast>
"@
#Send the notification
Display-ToastNotification
Exit 0Deploying via Intune
Navigate to your Proactive remediations blade in the Intune console:
Note: Microsoft may be soon changing the location for Proactive Remediations within Intune.
Click "Create script package"
Enter Name and Description
Upload detection and remediation scripts
Be sure to set "Run this script using the logged-on credentials" and "Run script in 64-bit PowerShell" to "Yes".
Set any scope tags as needed
Assign the Proactive Remediation
Caution: Include or Exclude either device groups or user groups. Do not mix user and device groups across, include and excluding assignments. This can cause unexpected behavior.
Confirm and click Create
This remediation will be a gentle nudge for users to periodically reboot their devices and will hopefully improve Windows Update metrics among other things.
> Jorgeasaurus