Error on Connect-MSGraph
Hello, I would like to use Powershell to sync Intune devices but when I launch the Connect-MSGraph command and enter the user credentials it responds with the following error message: AADSTS700016: Application with identifier d1ddf0e4-d672-4dae-b554-9d5bdfd93547 was not found in the directory 'Contoso'. This can happen if the application has not been installed by the administrator of the tenant or consented to by any user in the tenant. You may have sent your authentication request to the wrong tenant. Is there a problem with Azure Graph app? How can I fix it? Thank you very much.How to Escape Special Characters in the -Filter Property of the Get-IntuneManagedDevice Cmdlet?
TL;DR: How do I escape the pound/hash (#) and apostrophe (') characters in the Filter property of the Get-IntuneManagedDevice cmdlet? Full Explanation I'm leveraging the Get-IntuneManagedDevice cmdlet to get devices associated with users by their UserPrincipalName: Get-intunemanageddevice -Filter "userprincipalname eq 'email userUPN at domain.tld'" Whenever I come across a UPN with special characters in it, the cmdlet fails with error: Invalid filter clause: Syntax error at position NN in 'userprincipalname eq 'user D'UPN at domain.tld''. So far the I've run into this problem when users have: "#EXT#" in their UPN indicating an external user An apostrophe in their name How do I escape the pound/hash (#) and apostrophe (') characters in the Filter property of the Get-IntuneManagedDevice cmdlet? I considered switching to using the user's object ID, instead of the UPN, but swapping "userPrincipalName" for "Id" or "userId" that doesn't yield valid results and curiously seems to return all devices in the organization.
Using Get-AADGroupMember to show Groups only
Hi everyone, I'm looking for some help please... I've been trying to run some powershell script to get a list of members from an Intune Group, however I want to filter on group members only. I've tried various options, such as the below... Get-AADGroup -groupId xxxx | Get-AADGroupMember | Where-Object {$_.'@odata.type' -contains 'group'} | Get-MSGraphAllPages | Select-Object displayName But I get no results returned. If I remove 'Where-Object', I successfully receive all members (devices and groups), but really want to show group members only. Could anyone provide any help? Thanks in advance
How can I use @odata.context when returning data from Invoke-MSGraphRequest in Powershell
@{@odata.context=https://graph.microsoft.com/beta/$metadata#deviceManagement/managedDevices(id,imei,operatingSystem,ownerType,managedDeviceOwnerType); @odata.count=1000; @odata.nextLink=https://graph.microsoft.com/beta/deviceManagement/managedDevices?select=id%2cimei%2coperatingSystem%2cownerType%2cmanagedDeviceOwnerType&$skiptoken=LastDeviceName%3d%27LP20-0321MKD%27%2cLastDeviceId%3d%27a1915a8b-6632-46d2-90ec-5bb446ff324c%27; value=System.Object[]} My output returns a whole mess of this, but I can convert the query to JSON no problem. Is there any way I can use this @odata.context to update or runa PATCH query with graph?Setting Android Enterprise Wi-Fi policy "ConnectAutomatically" to TRUE via GRAPH
Hi, I've really struggling to adjust a setting that's not viewable via the Endpoint Manager admin Center. After looking at some samples here - powershell-intune-samples/DeviceConfiguration_Get.ps1 at master · microsoftgraph/powershell-intune-samples · GitHub I am able to view the attributes but can for the life of me work out how to PATCH or change the settings as outlined here - Update androidWorkProfileWiFiConfiguration - Microsoft Graph beta | Microsoft Docs Has anyone managed to do this? $uri = "https://graph.microsoft.com/Beta/deviceManagement/deviceConfigurations/Loooooong reference ID to our Wifi policy ID" Invoke-RestMethod -Uri $uri -Headers $authToken -Method Get @odata.context : https://graph.microsoft.com/beta/$metadata#deviceManagement/deviceConfigurations/$entity @odata.type : #microsoft.graph.androidDeviceOwnerEnterpriseWiFiConfiguration id : Loooooong reference ID to our Wifi policy ID lastModifiedDateTime : 2022-01-12T09:29:09.8945527Z roleScopeTagIds : {0} supportsScopeTags : True deviceManagementApplicabilityRuleOsEdition : deviceManagementApplicabilityRuleOsVersion : deviceManagementApplicabilityRuleDeviceMode : createdDateTime : 2021-11-08T16:46:28.0046415Z description : displayName : Android Enterprise - Wi-Fi -Managed version : 14 networkName : Another looooong number ssid : wifi-Managed connectAutomatically : False connectWhenNetworkNameIsHidden : True wiFiSecurityType : wpaEnterprise preSharedKey : preSharedKeyIsSet : False eapType : eapTls trustedServerCertificateNames : {server.ourdomain.com} authenticationMethod : certificate innerAuthenticationProtocolForEapTtls : innerAuthenticationProtocolForPeap : none outerIdentityPrivacyTemporaryValue : OurDeviceName $Body = @{"connectAutomatically" = "True"} Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authToken -ContentType application/json Invoke-RestMethod : The remote server returned an error: (400) Bad Request. At line:1 char:1 + Invoke-RestMethod -Method PATCH -Uri $uri -Body $Body -Headers $authT ... + ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ + CategoryInfo : InvalidOperation: (System.Net.HttpWebRequest:HttpWebRequest) [Invoke-RestMethod], WebException + FullyQualifiedErrorId : WebCmdletWebResponseException,Microsoft.PowerShell.Commands.InvokeRestMethodCommand
