Forum Discussion

John Grenfell's avatar
John Grenfell
Copper Contributor
Jan 13, 2022

Setting Android Enterprise Wi-Fi policy "ConnectAutomatically" to TRUE via GRAPH

Hi,

I've really struggling to adjust a setting that's not viewable via the Endpoint Manager admin Center.
After looking at some samples here - powershell-intune-samples/DeviceConfiguration_Get.ps1 at master · microsoftgraph/powershell-intune-samples · GitHub I am able to view the attributes but can for the life of me work out how to PATCH or change the settings as outlined here - Update androidWorkProfileWiFiConfiguration - Microsoft Graph beta | Microsoft Docs

Has anyone managed to do this?

 

 

$uri = "https://graph.microsoft.com/Beta/deviceManagement/deviceConfigurations/Loooooong reference ID to our Wifi policy ID"
Invoke-RestMethod -Uri $uri -Headers $authToken -Method Get

@odata.context : https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity
@odata.type : #microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration
id : Loooooong reference ID to our Wifi policy ID
lastModifiedDateTime : 2022-01-12T09:29:09.8945527Z
roleScopeTagIds : {0}
supportsScopeTags : True
deviceManagementApplicabilityRuleOsEdition :
deviceManagementApplicabilityRuleOsVersion :
deviceManagementApplicabilityRuleDeviceMode :
createdDateTime : 2021-11-08T16:46:28.0046415Z
description :
displayName : Android Enterprise - Wi-Fi -Managed
version : 14
networkName : Another looooong number
ssid : wifi-Managed
connectAutomatically : False
connectWhenNetworkNameIsHidden : True
wiFiSecurityType : wpaEnterprise
preSharedKey :
preSharedKeyIsSet : False
eapType : eapTls
trustedServerCertificateNames : {server.ourdomain.com}
authenticationMethod : certificate
innerAuthenticationProtocolForEapTtls :
innerAuthenticationProtocolForPeap : none
outerIdentityPrivacyTemporaryValue : OurDeviceName

$Body = @{"connectAutomatically" = "True"}

Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authToken -ContentType application/json

Invoke-RestMethod : The remote server returned an error: (400) Bad Request.
At line:1 char:1
+ Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authT ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException
+ FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand

 

 

 

graph
Graph API
Mobile Device Management (MDM)
wifi policy
  • Mr_Helaas's avatar
    Mr_Helaas
    Steel Contributor
    Jan 15, 2022

    Hi John Grenfell,

     

    There are 2 option to achieve your goal. You can use the graph explorer or PowerShell scripts.

    As you already mention Microsoft has a good repo with different type of scripts that can be used. 

     

    URL to graph explorer

    Graph Explorer - Microsoft Graph 

     

    First i will explain the graph explorer method. 

     

    Step 1 

    Login into Graph explorer.

     

    Step 2 get the configuration profile ID

    Before we can change a setting in a profile with the graph explorer we need the configuration ID of the profile. You can get the profile on 2 methods, Copy the ID from the endpoint manager url or copy the ID via graph explorer.

     

    URL method

    Open the profile in Microsoft Endpoint manager and copy id from the url. See below print screen

     

    Graph Explorer method

    Open the graph explorer enter the right url as i did in the print screen and In the below panel you can find all the configuration profiles and search through them for your Wifi profile and copy the profile id 

     

    Step 3 open Wifi profile settings with graph explorer.

    Now we have the ID of the profile, we can change, delete the profile. Enter the profile ID after the url as i did in below print screen

     

    Now you will get in the second panel all the profile settings.

     

    Step 4 patch Wifi profile settings

    Now you have to paste the following code in the first pannel 

     

    {
    "@odata.context": "https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity",
    "@odata.type": "#microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration",
    "connectAutomatically": true
}

     

    After you paste the code in the first panel you have to change the graph api from get to patch as i did in below print screen

     

    Now you have to click on Run query and you will receive the 200 response code and your profile is changed. 

     

    The other option what you can use is a PowerShell script from the GitHub Repo. First you have to export all the configuration profiles what you can do with the DeviceConfiguration_Export.ps1 script which can be found on the following URL: powershell-intune-samples/DeviceConfiguration_Export.ps1 at master · microsoftgraph/powershell-intune-samples · GitHub

     

    Run the script and save all the profiles on your local drive. Open the Wifi profile config and change the 

    "connectAutomatically" setting to true. Save your JSON file and open a new script from the GitHub Repo named DeviceConfiguration_Import_FromJSON.ps1 which can de found on the following URL: powershell-intune-samples/DeviceConfiguration_Import_FromJSON.ps1 at master · microsoftgraph/powershell-intune-samples · GitHub.
     
    After you run the import script a new profile is created.
     
    I hope my explanation is clear and can help you. Please let me know if you need some more information.
     
    Kind regards,
     
    Rene

Resources