msgraph-sdk-powershell icon indicating copy to clipboard operation
msgraph-sdk-powershell copied to clipboard

Published 20 hours ago verified publisher icon microsoftgraph

Update-MgDeviceManagementManagedDevice does not allow you to update primary user

Open aklinden opened this issue 1 year ago • 0 comments

Describe the bug

Trying to create an automation that sets the primary user property to reflect the user that's been assigned the device. But it doesn't seem like Update-MgDeviceManagement even works. -ManagedDeviceid works just fine, but neither -Users or -BodyParameters seem to work properly.

Expected behavior

Based on the description, it seems like it should update the device object in Intune.

How to reproduce

With -Bodyparamater

$testid = ((Get-ADComputer computername).objectguid).guid

$deviceid = (Get-MgDeviceManagementManagedDevice -filter "AzureADDeviceid eq '$testid'").id

$user = Get-MgUser -Filter "userprincipalname eq '[email protected]'"

$params = @{
    UserDisplayName = $user.DisplayName
    UserEmail = $user.UserPrincipalName
    userid = $user.id
    UserPrincipalName = $user.UserPrincipalName
   }

Update-MgDeviceManagementManagedDevice -ManagedDeviceId $deviceid -BodyParameter $params

With -Users

$user = Get-MgUser -Filter "userprincipalname eq '[email protected]'"

$testid = ((Get-ADComputer computername).objectguid).guid

$deviceid = (Get-MgDeviceManagementManagedDevice -filter "AzureADDeviceid eq '$testid'").id

Update-MgDeviceManagementManagedDevice -ManagedDeviceId $deviceid -BodyParameter $params -Users $user

### SDK Version

2.19

### Latest version known to work for scenario above?

_No response_

### Known Workarounds

Trying to use the `MgDeviceRegisteredOwnerByRef` cmdlets to make the change in Azure, but those don't have App permissions assigned. 

### Debug output

<details><summary>Click to expand log</summary>

DEBUG: [CmdletBeginProcessing]: - Update-MgDeviceManagementManagedDevice begin processing with parameterSet 'Update'.

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y DEBUG: [Authentication]: - AuthType: 'AppOnly', TokenCredentialType: 'ClientCertificate', ContextScope: 'Process', AppName: 'Company_App_Name'.

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y DEBUG: [Authentication]: - Scopes: [Device.ReadWrite.All, User.ReadWrite.All, UserAuthenticationMethod.ReadWrite.All, Directory.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All, Organization.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All, GroupMember.ReadWrite.All, AuditLog.Read.All, DeviceManagementConfiguration.ReadWrite.All, DeviceManagementApps.ReadWrite.All].

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y

Confirm Are you sure you want to perform this action? Performing the operation "Update-MgDeviceManagementManagedDevice_Update" on target "Call remote 'PATCH /deviceManagement/managedDevices/{managedDevice-id}' operation". [Y] Yes [A] Yes to All [N] No [L] No to All [S] Suspend [?] Help (default is "Y"): y DEBUG: ============================ HTTP REQUEST ============================

HTTP Method: PATCH

Absolute Uri: https://graph.microsoft.com/v1.0/deviceManagement/managedDevices/{mymanagedDevice-id}

Headers: FeatureFlag : 00000043 Cache-Control : no-store, no-cache User-Agent : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.22631; en-US),PowerShell/5.1.22621.4111 Accept-Encoding : gzip SdkVersion : graph-powershell/2.19.0 client-request-id : df064533-b8ca-43d5-a3bc-2f16f03d162b

Body: { "UserEmail": "[email protected]" }

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y DEBUG: ============================ HTTP RESPONSE ============================

Status Code: NoContent

Headers: Strict-Transport-Security : max-age=31536000 request-id : b8271a37-ad0e-46ed-8edf-45751ea28a14 client-request-id : df064533-b8ca-43d5-a3bc-2f16f03d162b x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"West US 2","Slice":"E","Ring":"4","ScaleUnit":"001","RoleInstance":"MW2PEPF000031CA"}} Date : Fri, 04 Oct 2024 22:17:49 GMT

Body:

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y DEBUG: [CmdletEndProcessing]: - Update-MgDeviceManagementManagedDevice end processing.

Confirm Continue with this operation? [Y] Yes [A] Yes to All [H] Halt Command [S] Suspend [?] Help (default is "Y"): y

</details>


### Configuration

Name                           Value
----                           -----
PSVersion                      5.1.22621.4111
PSEdition                      Desktop
PSCompatibleVersions           {1.0, 2.0, 3.0, 4.0...}
BuildVersion                   10.0.22621.4111
CLRVersion                     4.0.30319.42000
WSManStackVersion              3.0
PSRemotingProtocolVersion      2.3
SerializationVersion           1.1.0.1

OS  - Windows 11
Architecture - x64

I don't think this is specific to this configuration.

### Other information

_No response_

aklinden avatar Oct 04 '24 22:10 aklinden