Looking for a bit of help with the Intune Powershell/graph interface.
I'm trying to manipulate Intune Device Categories via Powershell, so that I can firstly correct devices that were placed into the wrong category during enrollment, and secondly, I'm in the middle of moving from Hybrid SCCM/Intune to Azure Intune and where we're not using Device Categories for devices already enrolled into SCCM Hybrid Intune, I want to use powershell to loop through a CSV file full of device serial numbers / IMEI numbers and place corporate devices into the right device category.
Investigating the powershell/graph interface for Intune, I can do something like
Get-IntuneManagedDevice -Filter "IMEI eq '01 012345 678910 1'" (Or -Filter "serialNumber eq 'DEADBEEF'" or whatever) and get my all my device's details output. This includes a field for "deviceCategoryDisplayName", which is the value I want to change.
I can even do Get-IntuneManagedDevice -Filter "serialNumber eq 'DEADBEEF'"| select manageddeviceid to get the managedDeviceID value as an output.
As far as I can tell, this should work with Update-IntuneManagedDevice (see below)
get-help Update-IntuneManagedDevice -detailed
NAME
Update-IntuneManagedDevice
SYNOPSIS
Updates a "microsoft.graph.managedDevice".
SYNTAX
Update-IntuneManagedDevice -managedDeviceId <string>
So I should be able to update a device by using its managed Device ID?
What I can't do is:
Get-IntuneManagedDevice -Filter "serialNumber eq 'deadbeef'"| select manageddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BYOD'
When I try, I get the error below. Clearly I'm doing something wrong but can anyone point me in the right direction? I don't think that what I'm trying to do is fundamentally unreasonable... is it?
(just to be clear, doing Get-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab returns my target device details ok, and running Update-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab -deviceCategoryDisplayName 'BYOD' gives me the same error)
Update-IntuneManagedDevice : 400 Bad Request
{
"error": {
"code": "InternalError",
"message": "{\r\n \"_version\": 3,\r\n \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 6f743002-b0e0-48ed-a25d-0cdd33870efd - Url:
https://fef.msub02.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDe... \"CustomApiErrorPhrase\":
\"\",\r\n \"RetryAfter\": null,\r\n \"ErrorSourceService\": \"\",\r\n \"HttpHeaders\": \"{}\"\r\n}",
"innerError": {
"request-id": "6f743002-b0e0-48ed-a25d-0cdd33870efd",
"date": "2019-03-06T14:08:02"
}
}
}
At line:1 char:92
+ ... ddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BY ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (@{Request=; Response=}:PSObject) [Update-IntuneManagedDevice], HttpRequestException
+ FullyQualifiedErrorId : PowerShellGraphSDK_HttpRequestError,Microsoft.Intune.PowerShellGraphSDK.PowerShellCmdlets.Update_IntuneManagedDevice
Having done some work on this, there is a need to work with the MS Graph functions for Intune PowerShell at the moment. You will also need to work with the GUID ID numbers for the device at the category.
Get Intune Device Catgories with
Get-IntuneDeviceCategoryand Intune Device ID withGet-IntuneManagedDevice(note here you want the "ID" field, not the "AzureADDeviceID".Here is a working prototype