msgraph-sdk-powershell icon indicating copy to clipboard operation
msgraph-sdk-powershell copied to clipboard
verified publisher icon microsoftgraph

Get-MgDeviceManagementManagedDevice does not seem to return values for "Notes" field of managed devices.

Open MC-CW25 opened this issue 1 month ago • 2 comments

Describe the bug

Hi, the following cmdlet does not seem to be working for the Notes property / field:

Get-MgDeviceManagementManagedDevice -filter "devicename eq 'deviceName'" | fl

Notes is shown as blank.

Expected behavior

Should show contents of the Notes property that is displayed in Intune

How to reproduce

Connect-MgGraph Get-MgDeviceManagementManagedDevice -filter "devicename eq 'deviceName'" | fl

SDK Version

2.26.1

Latest version known to work for scenario above?

Unknown

Known Workarounds

No response

Debug output

Click to expand log ``` 
</details>


### Configuration

_No response_

### Other information

_No response_

MC-CW25 avatar Nov 27 '25 11:11 MC-CW25

Thank you for asking this question. Can you please provide us the sanitized http request and response so we can determine the source of this issue? Alternatively, can you please run the command with --debug and share the sanitized output?

MIchaelMainer avatar Dec 01 '25 20:12 MIchaelMainer

Hi Michael,

Thanks for your response. Please see debug output below. You'll see "notes": null, but there is text there in the portal.

WORKAROUND:

The BETA version works here:
$properties = 'deviceName,complianceState,emailAddress,lastSyncDateTime,notes'
$resource = "deviceManagement/managedDevices('$deviceID')"
$uri = "https://graph.microsoft.com/beta/$($Resource)?select=$properties"

Try {
$deviceProperties = (Invoke-MgGraphRequest -Method GET -Uri $uri -ErrorAction Stop)
 }
 Catch {
Write-Error $name+" - "+$_.Exception.Message
 }


DEBUG OUTPUT:

Get-MgDeviceManagementManagedDevice -filter "devicename eq 'REMOVED'" -debug
DEBUG: [CmdletBeginProcessing]: - Get-MgDeviceManagementManagedDevice begin processing with parameterSet 'List'.
DEBUG: [Authentication]: - AuthType: 'Delegated', TokenCredentialType: 'InteractiveBrowser', ContextScope: 'CurrentUser', AppName: 'Microsoft Graph Command Line Tools'.
DEBUG: [Authentication]: - Scopes: [Device.ReadWrite.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementServiceConfig.ReadWrite.All, Group.ReadWrite.All, GroupMember.ReadWrite.All, openid, Policy.ReadWrite.Authorization, profile, User.Read, email].
DEBUG: ============================ HTTP REQUEST ============================

HTTP Method:
GET

Absolute Uri:
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$filter=devicename eq REMOVED

Headers:
FeatureFlag                   : 00000003
Cache-Control                 : no-store, no-cache
User-Agent                    : Mozilla/5.0,(Windows NT 10.0; Microsoft Windows 10.0.26200; en-GB),PowerShell/7.5.4
SdkVersion                    : graph-powershell/2.32.0
client-request-id             : REMOVED
Accept-Encoding               : gzip,deflate,br

Body:



DEBUG: ============================ HTTP RESPONSE ============================

Status Code:
OK

Headers:
Vary                          : Accept-Encoding
Strict-Transport-Security     : max-age=31536000
request-id                    : REMOVED
client-request-id             : REMOVED
x-ms-ags-diagnostic           : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"5","ScaleUnit":"008","RoleInstance":"REMOVED"}}
odata-version                 : 4.0
Date                          : Tue, 02 Dec 2025 09:36:48 GMT

Body:
{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceManagement/managedDevices",
  "@odata.count": 1,
  "value": [
    {
      "id": "REMOVED",
      "userId": "REMOVED",
      "deviceName": REMOVED
      "managedDeviceOwnerType": "company",
      "managementState": "managed",
      "enrolledDateTime": "2025-01-29T09:34:54Z",
      "lastSyncDateTime": "2025-12-01T09:51:16Z",
      "operatingSystem": "Windows",
      "complianceState": "compliant",
      "jailBroken": "Unknown",
      "managementAgent": "mdm",
      "osVersion": "10.0.26200.7171",
      "easActivated": true,
      "easDeviceId": "REMOVED",
      "easActivationDateTime": "0001-01-01T00:00:00Z",
      "azureADRegistered": true,
      "deviceEnrollmentType": "windowsAzureADJoin",
      "activationLockBypassCode": null,
      "emailAddress": REMOVED
      "azureADDeviceId": REMOVED
      "deviceRegistrationState": "registered",
      "deviceCategoryDisplayName": "Company Laptop",
      "isSupervised": false,
      "exchangeLastSuccessfulSyncDateTime": "0001-01-01T00:00:00Z",
      "exchangeAccessState": "none",
      "exchangeAccessStateReason": "none",
      "remoteAssistanceSessionUrl": null,
      "remoteAssistanceSessionErrorDetails": null,
      "isEncrypted": true,
      "userPrincipalName": REMOVED
      "model": "Latitude 7450",
      "manufacturer": "Dell Inc.",
      "imei": "",
      "complianceGracePeriodExpirationDateTime": "9999-12-31T23:59:59Z",
      "serialNumber": REMOVED
      "phoneNumber": "",
      "androidSecurityPatchLevel": "",
      "userDisplayName": REMOVED
      "configurationManagerClientEnabledFeatures": null,
      "wiFiMacAddress": REMOVED
      "deviceHealthAttestationState": null,
      "subscriberCarrier": "",
      "meid": "",
      "totalStorageSpaceInBytes": 509324820480,
      "freeStorageSpaceInBytes": 126869307392,
      "managedDeviceName": REMOVED
      "partnerReportedThreatState": "unknown",
      "requireUserEnrollmentApproval": null,
      "managementCertificateExpirationDate": "2026-11-23T12:39:30Z",
      "iccid": null,
      "udid": null,
      "notes": null,
      "ethernetMacAddress": null,
      "physicalMemoryInBytes": 0,
      "enrollmentProfileName": null,
      "deviceActionResults": []
    }
  ]
}



DEBUG: [CmdletEndProcessing]: - Get-MgDeviceManagementManagedDevice end processing.

MC-CW25 avatar Dec 02 '25 09:12 MC-CW25

Hey @MC-CW25, thank you for the update.

I suspect you're a victim of not-so-great documentation. Looking at the docs on the ManagedDevice object here https://learn.microsoft.com/en-us/graph/api/resources/intune-devices-manageddevice?view=graph-rest-1.0 I found this cryptic note on the notes field:

Notes on the device created by IT Admin. Default is null. To retrieve actual values GET call needs to be made, with device id and included in select parameter. Supports: $select. $Search is not supported.

My interpretation is that you can only get the notes field when making a GET call for a specific device with a $select clause i.e. /deviceManagement/managedDevices/{managedDeviceId}?$select=id,deviceName,notes

gavinbarron avatar Dec 18 '25 03:12 gavinbarron

Hi,

Thanks for the update and link to documentation.

Yep, my previous update included the alternative method too. Just a shame that the cmdlet can't return the notes field. If this is by design, then I guess this can be closed off. The workaround, as above, definitely works, so could be useful to others who stumble across this post.

Then again, if I leave open, does anyone know if this could lead to a change to the cmdlet?

MC-CW25 avatar Dec 18 '25 14:12 MC-CW25

Thank you @MC-CW25

The cmdlet behavior is dictated by the underly http API, we don't own that so getting a change in behavior of the API needs then InTune team to take on that change, as such, I'll close this item now.

gavinbarron avatar Dec 20 '25 17:12 gavinbarron