question

amolpawar avatar image
0 Votes"
amolpawar asked Dennis-4806 published

Unable to Disable mobile device using Automation Account

We get an error “SetDevice Code: Request_BadRequest Message: Properties other than ExtendedAttribute1..15 can be modified only on windows devices”. Here is the script that we are using:

$dev = Get-AzureADDevice -All:$true | Where {$_.AccountEnabled -eq $true}

foreach ($d in $dev) {

Set-AzureADDevice -ObjectId $d.ObjectId -AccountEnabled $false

}

Even though this returns error, but it still disables the Windows devices and however does not disable mobile devices.

Also, one thing to note is, we can remove the devices using Remove-AzureADDevice using Automation.

The same scripts is running fine without error on Windows Powershell.

azure-automationazure-ad-identity-governance
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

@amolpawar Our apologies for delayed response on this thread. Checking in to see if you are already working with our Azure support team regarding this issue ? Came across a similar escalation so wanted to make sure you have been helped already.

0 Votes 0 ·

@amolpawar - Checking in to see if you had a chance to review the above information and confirm that you have worked with our support team for resolution. From the similar case notes I could find below information , which I thought would help our community members having similar issue.

If you are performing an app-only auth, which results the above error. Which is by design.
However to modify the attributes, you need to use PowerShell or perform a User auth to acquire a token.

Hope the above information helps for other community members facing this issue. Thank you

0 Votes 0 ·
bharathn-msft avatar image
0 Votes"
bharathn-msft answered

<<Converting the information from comments to here for broader community usage>>

Thank you @amolpawar for your query.

Came across a similar case notes I could find below information , which I thought would help our community members having similar issue. So sharing it here.

If you are performing an app-only auth, which results the above error. Which is by design.
However to modify the attributes, you need to use PowerShell or perform a User auth to acquire a token.

Hope the above information helps for other community members facing this issue. Thank you

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Dennis-4806 avatar image
0 Votes"
Dennis-4806 answered Dennis-4806 published

is that a bug or is that "by design" and we cannot use app-permissions to disable devices?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.