Best Guide to Turn on PowerShell Transcription with Intune

In this article, I will explain how to use a configuration profile to Turn on Powershell Transcription with Microsoft Intune. When you turn on this feature and run scripts, PowerShell will start recording all input and output to the specified log file. You can then review the log file to see exactly what commands were executed and their results.

It’s worth noting that PowerShell transcription captures all input and output, including sensitive information such as passwords, so it’s important to handle the transcript files securely and ensure they are only accessible to authorized personnel.

Additionally, transcription may have performance implications, especially in long-running sessions or sessions with a large amount of output, so it’s a good idea to use it judiciously and only when necessary.

PowerShell transcription is a valuable tool for auditing, troubleshooting, and documenting PowerShell sessions, especially in enterprise environments where accountability and compliance are essential.

Patch My PC
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 1
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 1

What is PowerShell Transcription?

PowerShell transcription is a feature that allows you to record all the input and output of a PowerShell session to a text file. It essentially creates a log of everything that happens in a PowerShell session, including the commands you run and their results. This can be useful for auditing, troubleshooting, and analyzing PowerShell sessions, especially in environments where strict compliance or security requirements apply.

Create Configuration Profile to Trun on PowerShell Transcription with Intune

Follow the below-mentioned steps to create a policy to Turn on Powershell Transcription with Intune

Adaptiva
  • Sign In to the Microsft Intune Admin Center
  • Navigate to Devices  Windows > Configuration Profiles
  • Click on +Create +New Policy
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 2
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 2

In the next step, we can create a new Configuration Profile starting from scratch. For that, give the below values as mentioned.

  • Platform: Windows 10 and later
  • Profile type: Settings catalog
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 3
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 3

In the Basics page, we can give the Configuration profile name as “Turn on PowerShell Transcription” and click on Next

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 4
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 4

On the Configuration Settings pane now we can add the required settings. For that, click on +Add settings in the bottom left corner of the page.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 5
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 5

Note! In our testing we have discovered admins may experience performance degradation when greater than 400 settings are added to a single policy. While we continue to make improvements, please take this into consideration when designing your policies.

Search for “PowerShell Transcription” as a keyword. This will help you find the correct policy based on our current needs. Now you can see the “Administrative Teamplates\Windows Components\Windows PowerShell” under the Browse by category. Click on that and pick the settings below.

  • Turn on the PowerShell Transcription
    • Include invocation headers: (Device)
    • Transcript output directory (Device)
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 6
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 6
Policy SettingsDetailed Description
Turn on PowerShell Transcription
This policy setting lets you capture the input and output of Windows PowerShell commands into text-based transcripts. If you enable this policy setting, Windows PowerShell will enable transcripting for Windows PowerShell, the Windows PowerShell ISE, and any other applications that leverage the Windows PowerShell engine. By default, Windows PowerShell will record transcript output to each users’ My Documents directory, with a file name that includes ‘PowerShell_transcript‘, along with the computer name and time started. Enabling this policy is equivalent to calling the Start-Transcript cmdlet on each Windows PowerShell session. If you disable this policy setting, transcripting of PowerShell-based applications is disabled by default, although transcripting can still be enabled through the Start-Transcript cmdlet. If you use the OutputDirectory setting to enable transcript logging to a shared location, be sure to limit access to that directory to prevent users from viewing the transcripts of other users or computers. Note: This policy setting exists under both Computer Configuration and User Configuration in the Group Policy Editor. The Computer Configuration policy setting takes precedence over the User Configuration policy setting.
Best Guide to Turn on PowerShell Transcription with Intune. Table. 1

Close the Settings picker window and toggle the “Turn on PowerShell Transcription” option as Enabled. Include invocation headers: (Device) toggle to True

Now it will ask for the Transcript output directory (Device). Here in this example, we can give a path as

  • C:\temp\Logs\PowerShell Transcription

This will create a new directory to save the logs for PowerShell Transcription.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 7
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 7

On the next page, Leave the Scope tags Default; if you have any custom scope tag available, you can also select that for this deployment.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 8
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 8

Click on Next and assign the policy to HTMD – Test Computers. In the Included Groups option, click on Add Groups and select the required device group.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 9
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 9

On the Review + Create page, carefully review all the settings you’ve defined to Turn on the PowerShell Transcription policy. Once you’ve confirmed everything is correct, select Create to implement the changes.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 10
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 10

Monitor the Turn on PowerShell Transcription Policy in Intune

This particular policy has been deployed to the Microsoft Entra ID group (HTMD – Test Computers). The policy will take effect as soon as possible once the device is synced.

To monitor the policy deployment status from the Intune Portal, follow the below-mentioned steps.

Navigate to Devices > Windows > Configuration Profiles > Search for the “Turn on PowerShell Transcription” policy. Under the Device and user check-in status, you can see the deployment status for the same.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 11
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 11

End User Experience – Turn on PowerShell Transcription Policy

Log in to one of the policy-targeted devices, and you can see the defined folder created (C:\temp\Logs\PowerShell Transcription) and subfolders based on the date (20240329)

To ensure the Trun on PowerShell Transcription policy works as expected, I am running a simple command”Get-WindowsUpdateLog” in Windows PowerShell ISE. Immediately, the respective logs get generated, which will have all the information for the entire process.

Best Guide to Turn on PowerShell Transcription with Intune. Fig. 12
Best Guide to Turn on PowerShell Transcription with Intune. Fig. 12

I appreciate you taking the time to read my article. I’m excited to see you in the upcoming post. Continue to support the HTMD Community.

We are on WhatsApp. To get the latest step-by-step guides and news updates, Join our Channel. Click hereHTMD WhatsApp.

Author

Vaishnav K has over 10+ years of experience in SCCM, Device Management, and Automation Solutions. He writes and imparts his knowledge about Microsoft Intune, Azure, PowerShell scripting, and automation. Check out his profile on LinkedIn.

Leave a Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.