PowerShell script to retrieve a list of users without properly assigned/registered Windows or MacOS devices

Question

Need a PowerShell script to get list of user who do have an Windows or mac OS device assigned or registered under their name

We have many users who do not as any Windows or MacOS device assigned under their name

These are devices which were not properly enrolled / auto pilot / azure AD joined
I need to get a list of those users so that I can check with them which device they are using, and then properly enroll that device

Also I will check what was the process which was followed to enroll that device and why it does not show as assigned to that user

Answer 1

@Nadimuddin J Shaikh, Thanks for posting in Q&A.

For your issue, I have done some research, here is a PowerShell script that may retrieve a list of users with properly assigned/registered Windows devices.

#Path of CSV to import. Should contain a list of ADuser Names and Migration Dates
$csvPath = ".\UserList_V04.csv"

#Creates emptly array that will be populated later
$laptopStatus = @()

#Imports CSV into an array
$userList = Import-Csv -Path $csvPath

#ForEach loop that acts on all objects in target CSV
foreach ($user in $userList) {

#nulls out critial variables
$intuneDevice = $null
$userEmail = $null

#Converts the AD user ID in source CSV into an email address. Intune stores all user IDs as email addresses.
$userEmail = ($user.ADUserID + "@Contoso.com")

#Queries Intune and sets a variable containing all devices registered to target email adress
Write-host "Checking Intune for devices registered to $userEmail"
$intuneDevice = Get-IntuneManagedDevice | Where-Object { $_.emailAddress -eq $userEmail }

#Catch for users with no registered device. Creates a line in the array basic info so they will still show up in the final report.
if (!($intuneDevice)) {

    Write-Host "No devices found in Intune for $userEmail"

    $laptopStatus += [pscustomobject]@{
        EmailAddress     = $userEmail
        UserName         = $null
        ComputerName     = "N/A"
        MigrationDate    = $user.MigrationDate
        EnrolledDateTime = $null
        PCModel          = $null
        DeviceOwnership  = $null
    }

}

#sub-loop goes through all devices found to be registered to target email address
foreach ($pc in $intuneDevice) {


    $dateTime = get-date "$($pc.managedDevicename.Split("_")[-2]) $($pc.managedDeviceName.Split("_")[-1])"

    Write-Host "Found device(s) for $userEmail. Writing device to array."
    #Ouputs the variables on the right to the array "teamsStatus" with the headers on the left.
    $laptopStatus += [pscustomobject]@{
        EmailAddress     = $PC.emailAddress
        UserName         = $PC.userDisplayName
        ComputerName     = $PC.deviceName
        MigrationDate    = $user.MigrationDate
        EnrolledDateTime = $dateTime
        PCModel          = $PC.model
        DeviceOwnership  = $PC.managedDeviceOwnerType
    }

}
}

#outputs the array created in the foreach loop to a CSV
$date = $Date = get-date -format MM.dd.yyyy_hh.mm
$laptopStatus | Format-Table
$laptopStatus | Sort-Object -Property "MigrationDate", "EmailAddress" | Export-Csv -Path .\V4ScriptOutput_$date.csv -NoTypeInformation

Or you can refer the link below to get more information.

https://andrewstaylor.com/2021/12/22/finding-devices-and-details-assigned-to-a-user-in-intune/

Non-official, just for reference.

Hope it will help.

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.