Setting Android Enterprise Wi-Fi policy "ConnectAutomatically" to TRUE via GRAPH

Copper Contributor

Hi,

I've really struggling to adjust a setting that's not viewable via the Endpoint Manager admin Center.
After looking at some samples here - powershell-intune-samples/DeviceConfiguration_Get.ps1 at master · microsoftgraph/powershell-intune-s... I am able to view the attributes but can for the life of me work out how to PATCH or change the settings as outlined here - Update androidWorkProfileWiFiConfiguration - Microsoft Graph beta | Microsoft Docs

Has anyone managed to do this?

 

 

$uri = "https://graph.microsoft.com/Beta/deviceManagement/deviceConfigurations/Loooooong reference ID to our Wifi policy ID"
Invoke-RestMethod -Uri $uri -Headers $authToken -Method Get

@odata.context : https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity
@odata.type : #microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration
id : Loooooong reference ID to our Wifi policy ID
lastModifiedDateTime : 2022-01-12T09:29:09.8945527Z
roleScopeTagIds : {0}
supportsScopeTags : True
deviceManagementApplicabilityRuleOsEdition :
deviceManagementApplicabilityRuleOsVersion :
deviceManagementApplicabilityRuleDeviceMode :
createdDateTime : 2021-11-08T16:46:28.0046415Z
description :
displayName : Android Enterprise - Wi-Fi -Managed
version : 14
networkName : Another looooong number
ssid : wifi-Managed
connectAutomatically : False
connectWhenNetworkNameIsHidden : True
wiFiSecurityType : wpaEnterprise
preSharedKey :
preSharedKeyIsSet : False
eapType : eapTls
trustedServerCertificateNames : {server.ourdomain.com}
authenticationMethod : certificate
innerAuthenticationProtocolForEapTtls :
innerAuthenticationProtocolForPeap : none
outerIdentityPrivacyTemporaryValue : OurDeviceName

$Body = @{"connectAutomatically" = "True"}

Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authToken -ContentType application/json

Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At line:1 char:1
+ Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authT ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

 

 

 

1 Reply

Hi @John Grenfell,

 

There are 2 option to achieve your goal. You can use the graph explorer or PowerShell scripts.

As you already mention Microsoft has a good repo with different type of scripts that can be used. 

 

URL to graph explorer

Graph Explorer - Microsoft Graph 

 

First i will explain the graph explorer method. 

 

Step 1 

Login into Graph explorer.

 

Step 2 get the configuration profile ID

Before we can change a setting in a profile with the graph explorer we need the configuration ID of the profile. You can get the profile on 2 methods, Copy the ID from the endpoint manager url or copy the ID via graph explorer.

 

URL method

Open the profile in Microsoft Endpoint manager and copy id from the url. See below print screen

Mr_Helaas_2-1642237725922.png

 

Graph Explorer method

Open the graph explorer enter the right url as i did in the print screen and In the below panel you can find all the configuration profiles and search through them for your Wifi profile and copy the profile id 

Mr_Helaas_0-1642237394240.png

 

Step 3 open Wifi profile settings with graph explorer.

Now we have the ID of the profile, we can change, delete the profile. Enter the profile ID after the url as i did in below print screen

Mr_Helaas_3-1642239577706.png

 

Now you will get in the second panel all the profile settings.

 

Step 4 patch Wifi profile settings

Now you have to paste the following code in the first pannel 

 

{
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity",
    "@odata.type": "#microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration",
    "connectAutomatically": true
}

 

After you paste the code in the first panel you have to change the graph api from get to patch as i did in below print screen

Mr_Helaas_0-1642244910312.png

 

Now you have to click on Run query and you will receive the 200 response code and your profile is changed. 

 

The other option what you can use is a PowerShell script from the GitHub Repo. First you have to export all the configuration profiles what you can do with the DeviceConfiguration_Export.ps1 script which can be found on the following URL: powershell-intune-samples/DeviceConfiguration_Export.ps1 at master · microsoftgraph/powershell-intun...

 

Run the script and save all the profiles on your local drive. Open the Wifi profile config and change the 

"connectAutomatically" setting to true. Save your JSON file and open a new script from the GitHub Repo named DeviceConfiguration_Import_FromJSON.ps1 which can de found on the following URL: powershell-intune-samples/DeviceConfiguration_Import_FromJSON.ps1 at master · microsoftgraph/powersh...
 
After you run the import script a new profile is created.
 
I hope my explanation is clear and can help you. Please let me know if you need some more information.
 
Kind regards,
 
Rene