question

AsAdmin-9453 avatar image
0 Votes"
AsAdmin-9453 asked shashishailaj edited

Azure AD device group membership

Can someone help me with powershell query to get Azure AD device group membership?

I was refrying below article and tried some commands but unfortunately unable to get!
https://docs.microsoft.com/en-us/powershell/module/azuread/get-azureaddevice?view=azureadps-2.0

I was able to get device owner and other details, group membership is not displayed.
Even if we downloads the all device report from Azure AD--> devices, device group memberships are not displayed in report.

Any help will be appreciated.

looking for data highlighted in attached screenshot
142175-image.png


azure-active-directory
image.png (33.0 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

shashishailaj avatar image
1 Vote"
shashishailaj answered shashishailaj edited

Hello @AsAdmin-9453 ,

Unfortunately at this point we do not have a powershell cmdlet for the same. Me and one of my colleagues @AnuragSharma-MSFT worked together and tested the following script . This works and you will be able to get an output for all devices with objectID and the groups they are member of . This will exactly provide you the solution you needed.

Please make sure that you run this with global administrator privileges . Also you would require to install Microsoft Graph Powershell module before you can run this script . Please use the following cmdlet in order to install Microsoft Graph module on your machine. Please check the linked article for any issues with installation and minimum powershell versions .


Install-Module -Name Microsoft.Graph


 Connect-Graph -Scopes "User.Read.All", "Group.ReadWrite.All", "Device.Read.All"
 $AllDevice = Invoke-GraphRequest - Uri "https://graph.microsoft.com/v1.0/devices/"
     $devicecount = $AllDevice.value.Count
     $graphurl = "https://graph.microsoft.com/v1.0/devices/"
    
     $tempTable = New - Object System.Data.DataTable
    
     $col1 = New-Object System.Data.DataColumn("Device Object Id")
     $col2 = New-Object System.Data.DataColumn("Device Name")
     $col3 = New-Object System.Data.DataColumn("Group Names")
    
     $tempTable.columns.Add($col1)
     $tempTable.columns.Add($col2)
     $tempTable.columns.Add($col3)
    
     $tempTable.Columns.Count
    
     for ($i = 0; $i - le $devicecount - 1; $i += 1) {
         $row = $tempTable.NewRow()
    
             $url = -join($graphurl, $AllDevice.value[$i].id, "/memberOf")
             $DeviceGroupMember = Invoke-GraphRequest - Uri $url
             if ($DeviceGroupMember.value.displayName) {
                 $row["Device Object Id"] = $AllDevice.value[0].id
                     $row["Device Name"] = $AllDevice.value[0].displayName
                     $displayGrpcount = $DeviceGroupMember.value.displayName.Count
    
                     if ($displayGrpcount - eq 1) {
                         $row["Group Names"] = $DeviceGroupMember.value.displayName
    
                     } else {
                         $GroupName = ""
                             for ($j = 0; $j - le $displayGrpcount - 1; $j += 1) {
                                 $GroupName = -join($GroupName, $DeviceGroupMember.value.displayName[$j], "; ")
                             }
                             $row["Group Names"] = $GroupName
    
                     }
    
             }
             $tempTable.rows.Add($row)
    
             $tempTable | export-csv -Path. \so.csv -NoTypeInformation
     }

The above scripts will provide an output like below.

142419-image.png

Let us know if you have any other query . In case it helps , please do accept the answer so that it improves the answer relevancy and helps other members in the community searching for similar solutions.

Thank you .


Credits :- Table creation taken from Russ Maxwell's Blog .



  • Please don't forget to click on 130616-image.png or upvote 130671-image.png button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how

  • Want a reminder to come back and check responses? Here is how to subscribe to a notification

  • If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators



image.png (344.5 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.