寻求有关 Intune Powershell/graph 界面的一些帮助。
我正在尝试通过 Powershell 来操作 Intune 设备类别,这样首先我可以更正注册期间放入错误类别的设备,其次,我正处于从混合 SCCM/Intune 转移到 Azure Intune 的过程中,并且我们没有对已注册到 SCCM 混合 Intune 的设备使用设备类别,我想使用 powershell 循环遍历一个充满设备序列号/IMEI 号码的 CSV 文件并将公司设备放入正确的设备类别。
研究 Intune 的 powershell/graph 界面,我可以做类似的事情
Get-IntuneManagedDevice -Filter "IMEI eq '01 012345 678910 1'"(或者-Filter "serialNumber eq 'DEADBEEF'"其他)并获取我所有设备的详细信息输出。这包括一个“deviceCategoryDisplayName”字段,这是我想要更改的值。
我甚至可以Get-IntuneManagedDevice -Filter "serialNumber eq 'DEADBEEF'"| select manageddeviceid将 managedDeviceID 值作为输出。
据我所知,这应该与 Update-IntuneManagedDevice 一起使用(见下文)
get-help Update-IntuneManagedDevice -detailed
NAME
Update-IntuneManagedDevice
SYNOPSIS
Updates a "microsoft.graph.managedDevice".
SYNTAX
Update-IntuneManagedDevice -managedDeviceId <string>
那么我应该能够使用其管理的设备 ID 来更新设备吗?
我不能做的是:
Get-IntuneManagedDevice -Filter "serialNumber eq 'deadbeef'"| select manageddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BYOD'
当我尝试时,出现以下错误。显然我做错了什么,但有人能给我指出正确的方向吗?我不认为我试图做的事情从根本上是不合理的……是吗?
(需要明确的是,执行Get-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab 后我的目标设备详细信息正确,但运行却Update-IntuneManagedDevice -managedDeviceID deadbeef-aaaa-bbbb-cccc-0123456789ab -deviceCategoryDisplayName 'BYOD'出现同样的错误)
Update-IntuneManagedDevice : 400 Bad Request
{
"error": {
"code": "InternalError",
"message": "{\r\n \"_version\": 3,\r\n \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 6f743002-b0e0-48ed-a25d-0cdd33870efd - Url:
https://fef.msub02.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDe... \"CustomApiErrorPhrase\":
\"\",\r\n \"RetryAfter\": null,\r\n \"ErrorSourceService\": \"\",\r\n \"HttpHeaders\": \"{}\"\r\n}",
"innerError": {
"request-id": "6f743002-b0e0-48ed-a25d-0cdd33870efd",
"date": "2019-03-06T14:08:02"
}
}
}
At line:1 char:92
+ ... ddeviceid | Update-IntuneManagedDevice -deviceCategoryDisplayName 'BY ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : ConnectionError: (@{Request=; Response=}:PSObject) [Update-IntuneManagedDevice], HttpRequestException
+ FullyQualifiedErrorId : PowerShellGraphSDK_HttpRequestError,Microsoft.Intune.PowerShellGraphSDK.PowerShellCmdlets.Update_IntuneManagedDevice
答案1
完成这方面的一些工作后,目前需要使用 Intune PowerShell 的 MS Graph 函数。您还需要使用该类别设备的 GUID ID 号。
使用获取 Intune 设备类别Get-IntuneDeviceCategory和 Intune 设备 ID Get-IntuneManagedDevice(请注意,这里您需要的是“ID”字段,而不是“AzureADDeviceID”。
这是一个工作原型
#this is an example for 1 device:
$intuneDeviceId = 'deadbeef-aaaa-bbbb-cccc-0123456789ab' #update the IntuneDeviceID, you will need to implement a loop for mutiple devices
$deviceCategoryReqBody = '{"@odata.id":"https://graph.microsoft.com/beta/deviceManagement/deviceCategories/98765432-aaaa-bbbb-cccc-0123456789ab"}' #update the deviceCateg id
$patchDeviceReqBody = '{}'
#Running a GET method on the device ID to check its validity
Invoke-RestMethod -Uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$intuneDeviceId/deviceCategory" -Headers $authToken -Method Get
#calling the PUT method to update device category for that specific device
Invoke-RestMethod -Uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$intuneDeviceId/deviceCategory/`$ref" -Headers $authToken -Method Put -Body $deviceCategoryReqBody
#calling the PATCH method to update device details about device category
Invoke-RestMethod -Uri "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$intuneDeviceId" -Headers $authToken -Method Patch -Body $patchDeviceReqBody
#Running a GET method on the device ID to check its validity
Invoke-RestMethod -Uri "https://graph.microsoft.com/beta/deviceManagement/deviceCategories/" -Headers $authToken -Method Get
#endregion