cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Managing Intune Device Categories via Powershell

Robert Moir
Copper Contributor

‎Mar 06 2019 06:31 AM - edited ‎Mar 06 2019 06:36 AM

‎Mar 06 2019 06:31 AM - edited ‎Mar 06 2019 06:36 AM

Managing Intune Device Categories via Powershell

Hi all,

Looking for a bit of help with the Intune Powershell/graph interface.

 

I'm trying to manipulate Intune Device Categories via Powershell, so that I can firstly correct devices that were placed into the wrong category during enrollment, and secondly, I'm in the middle of moving from Hybrid SCCM/Intune to Azure Intune and where we're not using Device Categories for devices already enrolled into SCCM Hybrid Intune, I want to use powershell to loop through a CSV file full of device serial numbers / IMEI numbers and place corporate devices into the right device category.

 

So, investigating the powershell/graph interface for Intune, I can do something like 

 

Get-IntuneManagedDevice -Filter "IMEI eq '01 012345 678910 1'" (Or -Filter "serialNumber eq 'DEADBEEF'" or whatever) and get my all my device's details output. This includes a field for "deviceCategoryDisplayName", which is the value I want to change.

 

I can even do Get-IntuneManagedDevice -Filter "serialNumber eq 'DEADBEEF'"| select manageddeviceid to get the managedDeviceID value as an output.

 

As far as I can tell, this should work with Update-IntuneManagedDevice? (see below)

 

get-help Update-IntuneManagedDevice -detailed

NAME
Update-IntuneManagedDevice

SYNOPSIS
Updates a "microsoft.graph.managedDevice".

SYNTAX
Update-IntuneManagedDevice -managedDeviceId <string>

 

So I should be able to update a device by using its managed Device ID? 

What I can't do is:

Get-IntuneManagedDevice -Filter "serialNumber eq 'deadbeef'"| select manageddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BYOD'

 

I get the error below. Clearly I'm doing something wrong but can anyone point me in the right direction? I don't think that what I'm trying to do is fundamentally unreasonable... is it?

 

(just to be clear, doing Get-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab  returns my target device details ok, and running Update-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab -deviceCategoryDisplayName 'BYOD' gives me the same error)

 

Update-IntuneManagedDevice : 400 Bad Request
{
"error": {
"code": "InternalError",
"message": "{\r\n \"_version\": 3,\r\n \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 6f743002-b0e0-48ed-a25d-0cdd33870efd - Url:
https://fef.msub02.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDe... \"CustomApiErrorPhrase\":
\"\",\r\n \"RetryAfter\": null,\r\n \"ErrorSourceService\": \"\",\r\n \"HttpHeaders\": \"{}\"\r\n}",
"innerError": {
"request-id": "6f743002-b0e0-48ed-a25d-0cdd33870efd",
"date": "2019-03-06T14:08:02"
}
}
}
At line:1 char:92
+ ... ddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BY ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (@{Request=; Response=}:PSObject) [Update-IntuneManagedDevice], HttpRequestException
+ FullyQualifiedErrorId : PowerShellGraphSDK_HttpRequestError,Microsoft.Intune.PowerShellGraphSDK.PowerShellCmdlets.Update_IntuneManagedDevice

Labels:
31.1K Views
1 Like
9 Replies
Reply
9 Replies
Steve Prentice

‎Feb 11 2020 12:21 PM

‎Feb 11 2020 12:21 PM

Re: Managing Intune Device Categories via Powershell

@Robert Moir Did you ever work this out?... it's an interesting thread and sad to see no one's replied.

1 Like
Reply
gmmarin

‎Jul 20 2020 03:44 PM

‎Jul 20 2020 03:44 PM

Re: Managing Intune Device Categories via Powershell

@Robert Moir have you tried editing the data via MSGraph? 

Here's a Reddit article by u/kjubus

0 Likes
Reply
AhmadShehadeh

‎Mar 25 2021 03:10 PM

‎Mar 25 2021 03:10 PM

Re: Managing Intune Device Categories via Powershell

I have the same question.
0 Likes
Reply
Devraj_Mukherjee

‎Jul 16 2021 07:59 PM

‎Jul 16 2021 07:59 PM

Re: Managing Intune Device Categories via Powershell

There is one article where i see you would need to register an app first in azure for graph api and then make changes to device category
0 Likes
Reply
Rudy_Ooms_MVP

‎Jul 17 2021 11:19 PM - edited ‎Jul 17 2021 11:22 PM

‎Jul 17 2021 11:19 PM - edited ‎Jul 17 2021 11:22 PM

Re: Managing Intune Device Categories via Powershell

$clientId = "d1ddf0e4-d672-4dae-b554-9d5bdfd93547"
$redirectUri = "urn:ietf:wg:oauth:2.0:oob"
$resourceURI = "https://graph.microsoft.com/"
$authority = "https://login.microsoftonline.com/common"
$AadModule = Import-Module -Name AzureAD -ErrorAction Stop -PassThru
$adal = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.dll"
$adalforms = Join-Path $AadModule.ModuleBase "Microsoft.IdentityModel.Clients.ActiveDirectory.Platform.dll"
[System.Reflection.Assembly]::LoadFrom($adal) | Out-Null
[System.Reflection.Assembly]::LoadFrom($adalforms) | Out-Null
$authContext = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.AuthenticationContext" -ArgumentList $authority
$platformParameters = New-Object "Microsoft.IdentityModel.Clients.ActiveDirectory.PlatformParameters" -ArgumentList "Always"
$authResult = $authContext.AcquireTokenAsync($resourceURI, $ClientID, $RedirectUri, $platformParameters)
$accessToken = $authResult.result.AccessToken


$body = @"
{"@odata.id":"https://graph.microsoft.com/beta/deviceManagement/deviceCategories/2b259feb-0bca-48ed-9dbb-1b87c6275..."}
"@

$apiurl = "https://graph.microsoft.com/beta/deviceManagement/managedDevices('bd93f0f3-fe56-43fe-823c-c41a99b473...`$ref"

$Data = Invoke-RestMethod -Headers @{Authorization = "Bearer $($authResult.result.AccessToken)"} -Uri $apiUrl -Body $body -Method Put -ContentType 'application/json'

 

 

beware of the apiurl: ('bd93f0f3-fe56-43fe-823c-c41a99b4737f')/deviceCategory/`$ref"


2b259feb-0bca-48ed-9dbb-1b87c627521b = personal owned devices
377fdc15-6f3c-4165-b5b3-98261a8243da = company owned devices

0 Likes
Reply
Jannik_Reinhard

‎Jul 19 2021 08:10 AM

‎Jul 19 2021 08:10 AM

Betreff: Managing Intune Device Categories via Powershell

@Robert Moir :

I have created a blog post about device category. At the end of this post you can also find a script how to change the category via a powersehll script. Hope this helps you.

Regards

Jannik

 

0 Likes
Reply
Marco_Di_Silvestre

‎Nov 04 2022 05:09 AM

‎Nov 04 2022 05:09 AM

Re: Betreff: Managing Intune Device Categories via Powershell

@Jannik_ReinhardHi Jannik, thank you very much for your post. I hope you can still help me with a problem: I have to update the device category for about 500 devices of my company and these must be selected for a string present in the device name. For example, if the name of the device is "computer1-not" the category must be "pc laptop", in this case if the query finds the string "-not" in the name it must associate the category "pc laptop" to the device . How can I modify your script to achieve this? Thanks so much for the invaluable help. Marco

0 Likes
Reply
Jannik_Reinhard

‎Nov 04 2022 09:10 AM

‎Nov 04 2022 09:10 AM

Re: Betreff: Managing Intune Device Categories via Powershell

I have created a new script for you. This includes an filter. Depending of this filter is true or false other categories will be set. Hope this help you. Please let me know if you need some support.

https://github.com/JayRHa/Intune-Scripts/blob/main/Change-DeviceCategory/Change-DeviceCategoryMulti....
0 Likes
Reply
Marco_Di_Silvestre

‎Nov 04 2022 09:29 AM

‎Nov 04 2022 09:29 AM

Re: Betreff: Managing Intune Device Categories via Powershell

@Jannik_Reinhard thank you very much, I really appreciate your help. I'll try your script and let you know if all work fine.

Thanks!

Marco

1 Like
Reply