May 17 2022 08:41 AM
I'm new to Microsoft Graph. I seem to be having basic authentication issues that I do not know how to work past.
I'm trying to get information out of Azure AD and/or Intune to gather information regarding devices, specifically bitlocker recovery keys.
Before getting that far, I'm just doing basic Get-mgdevice but I get insufficient privileges. I'm just using the Connect-MgGraph cmdlet with no parameters. Doing this I get connected but I guess my default permissions are too limited in this method. I am a Cloud Device Administrator though for testing purposes but at some point need to narrow down these permissions.
At any rate if I try to connect with Connect-MgGraph -Scopes "Device.Read.All" I'm lead to a page that says admin consent is required. Apparently I'm not the correct sort of admin so I cannot consent. With that said I'm trying to right a script for many users to run so I don't want them to all have ability to consent anything. I just want the script to run.
So I don't know what I'm doing and am at a roadblock. All the documentation I find makes little sense to me so apparently.
Note: I have another script that uses Connect-MSGraph cmdlet (like many sample scripts I find) but I cannot find the difference between MSGraph and MgGraph. Also it is my understanding this information can be found both in AzureAD as well as Intune with Intune possibly having different cmdlets? So confusing.
Any guidance is appreciated. TIA.
Jun 23 2022 06:09 AM
SolutionJun 23 2022 12:17 PM
Jun 23 2022 06:09 AM
Solution