Start-MDATPIsolation errors on DeviceName when using DeviceID

Open RedLee3 opened this issue 4 years ago • 3 comments

Describe the bug

Using the Start-MDATPIsolation command with a specified DeviceID errors out when trying to get a device name. This occurs with or without the -whatif switch.

MetadataError: C:\Users\(install location)\Documents\WindowsPowerShell\Modules\PSMDATP\1.0.0\PSMDATP.psm1:3225
Line |
3225 |          $DeviceName = $DeviceName.ToLower()
     |          ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
     | The variable cannot be validated because the value  is not a valid value for the DeviceName variable.

VERBOSE: GET https://api.securitycenter.windows.com/api/machines with 0-byte payload
VERBOSE: received 4711333-byte response of content type application/json
VERBOSE: Content encoding: utf-8
What if: Performing the operation "Start Isolation: Full" on target "".

To Reproduce

Run a command like the below (occurs when not using -whatif switch):

Start-MDATPIsolation -DeviceID $ID -IsolationType Full -WhatIf

Desktop (please complete the following information):

  • OS: Windows 10
  • PSVersion 7.1.1

Additional context

Using version 1.0.0

RedLee3 avatar Feb 03 '21 18:02 RedLee3

Hello @RedLee3, thanks for bringing this up, I will look into this and fix it with the next update of the module.

alexverboon avatar Feb 07 '21 16:02 alexverboon

Hi @alexverboon

I think this issue is also affecting Remove-MDATPDevice as well.

Happy to test any pre-release if you need to. I wanted to clean up some devices on my estate that were test devices and can't be removed other ways. Your bundle looks to be useful and easier to use.

LinkOps avatar Mar 04 '21 17:03 LinkOps

@alexverboon

I've fixed Remove-MDATPDevice under pull request 4, and from looking at Start-MDATPIsolation it looks like the same fix tactic would work for that too. I'll submit another pull request for that file and update accordingly.

LinkOps avatar Mar 04 '21 20:03 LinkOps
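
The error text in the report is what PowerShell raises when a variable that carries a validation attribute is assigned a value the attribute rejects. The following is an added example, not PSMDATP code and not taken from the thread or pull request: it reproduces that behaviour and shows one way to guard against it, assuming the module's DeviceName parameter carries a `[ValidateNotNullOrEmpty()]`-style attribute. The function names and the inventory records are hypothetical and constructed.

```powershell
# Added illustration; function names and inventory are hypothetical, not PSMDATP code.
$Inventory = @(   # constructed sample of machine records
    [pscustomobject]@{ id = 'constructed-id-0001'; computerDnsName = 'host01.example.test' }
    [pscustomobject]@{ id = 'constructed-id-0002'; computerDnsName = 'host02.example.test' }
)

function Resolve-TargetBroken {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ParameterSetName = 'DeviceName')]
        [ValidateNotNullOrEmpty()]
        [string]$DeviceName,

        [Parameter(Mandatory, ParameterSetName = 'DeviceID')]
        [ValidateNotNullOrEmpty()]
        [string]$DeviceID
    )
    # With -DeviceID, $DeviceName is unbound ('') but keeps its validation attribute,
    # so re-assigning '' to it throws "The variable cannot be validated ...".
    $DeviceName = $DeviceName.ToLower()
    $Inventory | Where-Object { $_.computerDnsName -eq $DeviceName -or $_.id -eq $DeviceID }
}

function Resolve-TargetGuarded {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ParameterSetName = 'DeviceName')]
        [ValidateNotNullOrEmpty()]
        [string]$DeviceName,

        [Parameter(Mandatory, ParameterSetName = 'DeviceID')]
        [ValidateNotNullOrEmpty()]
        [string]$DeviceID
    )
    # Only touch the parameter that belongs to the active parameter set.
    switch ($PSCmdlet.ParameterSetName) {
        'DeviceName' { $name = $DeviceName.ToLower()
                       $found = $Inventory | Where-Object { $_.computerDnsName -eq $name } }
        'DeviceID'   { $found = $Inventory | Where-Object { $_.id -eq $DeviceID } }
    }
    # Stop unless exactly one machine matched, so no action proceeds on target "".
    if (@($found).Count -ne 1) { throw "Expected exactly one device, found $(@($found).Count)." }
    $found
}

try { Resolve-TargetBroken -DeviceID 'constructed-id-0001' }
catch { "Broken:  $($_.Exception.Message)" }
"Guarded: $((Resolve-TargetGuarded -DeviceID 'constructed-id-0001').computerDnsName)"
```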