Skip to main content

Intune Commander

Intune Commander is a modern, cross-platform desktop application for managing Microsoft Intune configurations across Commercial, GCC, GCC-High, and DoD cloud environments. Built with .NET 10 and Avalonia UI, it reimagines the PowerShell-based IntuneManagement tool as a compiled, async-first application that eliminates the UI freezes, threading deadlocks, and data refresh issues common in PowerShell WPF tools.

Multi-Cloud Support

Native support for Commercial, GCC, GCC-High, and DoD tenants with cloud-specific authentication and Graph API endpoints

Multi-Tenant Profiles

Easy switching between tenant environments with encrypted local profile storage and quick profile import

Native Performance

Compiled .NET code eliminates PowerShell threading issues with async-first architecture for responsive UI

30+ Object Types

Manage device configurations, compliance policies, conditional access, applications, and more

Bulk Export/Import

Export and import configurations in JSON format compatible with the original PowerShell tool

LiveCharts Dashboards

Visual dashboards showing policy distribution, compliance status, and tenant overview statistics

What is Intune Commander?

Intune Commander provides a comprehensive solution for managing Microsoft Intune at scale. Whether you’re managing a single tenant or multiple environments across different cloud platforms, Intune Commander offers the tools you need to:
  • View and manage over 30 Intune object types including device configurations, compliance policies, conditional access policies, applications, endpoint security policies, and more
  • Switch seamlessly between multiple tenant environments with saved profiles
  • Export and import configurations for backup, migration, or documentation purposes
  • Visualize your Intune environment with built-in dashboards and charts
  • Export Conditional Access policies to comprehensive PowerPoint presentations
  • Debug and inspect raw JSON responses from Microsoft Graph API

Technology Stack

Intune Commander leverages modern .NET technologies for performance and reliability:
ComponentTechnology
Runtime.NET 10, C# 12
UI FrameworkAvalonia 11.3.x with FluentTheme
MVVMCommunityToolkit.Mvvm 8.2.x
AuthenticationAzure.Identity 1.17.x
Graph APIMicrosoft.Graph.Beta 5.130.x-preview
CacheLiteDB 5.0.x (AES-encrypted)
ChartsLiveChartsCore.SkiaSharpView.Avalonia
PowerPoint ExportSyncfusion.Presentation.Net.Core
This project uses Microsoft.Graph.Beta, not the stable Microsoft.Graph package. All models and GraphServiceClient come from Microsoft.Graph.Beta.* packages to access the latest Intune features.

Supported Intune Object Types

Intune Commander supports comprehensive management of: Device Management:
  • Device Configurations
  • Compliance Policies
  • Settings Catalog
  • Endpoint Security Policies
  • Administrative Templates
  • Feature Updates
  • Device Health Scripts
  • Mac Custom Attributes
Application Management:
  • Applications
  • Application Assignments
  • App Protection Policies
  • Managed Device App Configurations
  • Targeted Managed App Configurations
Identity & Access:
  • Conditional Access Policies
  • Named Locations
  • Authentication Strengths
  • Authentication Contexts
  • Terms of Use
Administration:
  • Assignment Filters
  • Policy Sets
  • Scope Tags
  • Role Definitions
  • Intune Branding
  • Azure Branding
  • Terms and Conditions
  • Enrollment Configurations
  • Autopilot Profiles
  • Dynamic Groups
  • Assigned Groups

Platform Support

Windows is the recommended and fully supported platform with all features available.
macOS has significant Avalonia limitations that currently require Device Code authentication instead of an interactive browser popup.
Linux support is planned but will initially be limited to headless/Core scenarios, with scheduled report generation as the primary target use case.

Key Features

Multi-Cloud Architecture

Intune Commander provides native support for all Microsoft cloud environments:
  • Commercial - https://graph.microsoft.com
  • GCC - https://graph.microsoft.com
  • GCC-High - https://graph.microsoft.us
  • DoD - https://dod-graph.microsoft.us
Each cloud environment uses the appropriate Azure Authority Host and Graph API endpoint, ensuring seamless authentication and API access.

Profile Management

Connection details are stored as profiles (tenant ID, client ID, cloud, auth method). Profiles are persisted locally in an encrypted file and never leave your machine. Features include:
  • Encrypted local storage using ASP.NET DataProtection
  • Profile import from JSON templates
  • Quick switching between saved profiles
  • Support for both interactive browser and client secret authentication

Export & Import Capabilities

Export configurations for backup, migration, or documentation:
  • JSON format compatible with PowerShell IntuneManagement tool
  • Folder-based organization by object type
  • Migration table tracking for ID mapping
  • Bulk import with automatic dependency resolution

Conditional Access PowerPoint Export

Export Conditional Access policies to comprehensive PowerPoint presentations with:
  • Cover slide with tenant name and export timestamp
  • Tenant summary with policy counts
  • Policy inventory table
  • Detailed slides for each policy showing conditions, grant controls, and assignments

Acknowledgments

Intune Commander is a ground-up remake of Micke-K/IntuneManagement, a PowerShell/WPF-based Intune management tool. Additional thanks to Merill Fernando for creating idPowerToys.

Getting Started

Ready to get started? Check out the Quickstart Guide to download, configure, and connect to your first tenant in minutes.

Build docs developers (and LLMs) love

Get started for freeTalk to us