This PowerShell script uses the Microsoft Graph API to synchronize Intune MDM devices. A previous iteration of the script was limited to fetching and syncing only the first 1000 devices due to pagination. To overcome this, the updated script follows the @odata.nextLink property from page to page, so it processes all devices beyond the initial 1000 records. The @odata.count property indicates the number of devices per page, typically 1000. Below is the result after running the complete script.
In the script below, I use a while loop to follow the highlighted next link and move through the pages in the Graph API. You can check my earlier article, which does not handle the 1000-device pagination: Automate Intune MDM Device Sync: A PowerShell Script for Microsoft Graph API.
You can download this script here: MDM-SyncDevicesPagination.ps1. It is also available on github.com.
```powershell
# App registration details (placeholders). Keep the real client secret out of the script file.
$tenantId = 'xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
$loginUri = "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token"
$loginMethod = 'POST'
$loginBody = @{
    grant_type="client_credentials"
    client_id='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
    client_secret='xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
    scope="https://graph.microsoft.com/.default"
}
# Request an access token with the client credentials flow.
$tokenResponse = Invoke-RestMethod -Uri $loginUri -Method $loginMethod -Body $loginBody -ContentType 'application/x-www-form-urlencoded'
#######################
$bearerTokenHeader = @{
    Authorization = "{0} {1}" -f $tokenResponse.token_type, $tokenResponse.access_token
}

$manageddevicesUri = "https://graph.microsoft.com/v1.0/deviceManagement/managedDevices"
$allDevices = @()

# Follow @odata.nextLink until the last page, which has no next link.
while ($null -ne $manageddevicesUri) {
    $devicesResponse = Invoke-RestMethod -Uri $manageddevicesUri -Headers $bearerTokenHeader -Method GET
    #$allDevices.value | Select-Object id, deviceName, operatingSystem, complianceState | Format-Table
    $allDevices += $devicesResponse.value
    $devicesResponse.value | Export-Csv -Path C:\temp\dviceslist.csv -NoTypeInformation -Append
    $manageddevicesUri = $devicesResponse.'@odata.nextLink'
    # $manageddevicesUri
}

# [0..1] limits the loop to the first two devices; use $allDevices to sync every device.
foreach ($device in $allDevices[0..1]) {
    #$deviceUri = "https://graph.microsoft.com/beta/deviceManagement/managedDevices/$($device.id)/syncDevice"
    $deviceUri = "https://graph.microsoft.com/v1.0/deviceManagement/managedDevices/$($device.id)/syncDevice"
    $deviceSyncInfo = Invoke-WebRequest -Uri $deviceUri -Headers $bearerTokenHeader -Method POST
    $deviceSyncInfo
}
```
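The pagination loop sends the bearer token to whatever URL arrives in @odata.nextLink, so a hardened loop checks each link before following it and caps the number of pages. The following is an added example, not part of the original script: the function name Get-GraphPagedResult, its parameters, the page cap and the two sample pages are assumptions constructed for illustration, and the fetcher is replaceable so the loop can run without a tenant.

```powershell
# Added example; Get-GraphPagedResult and its parameters are hypothetical names.
function Get-GraphPagedResult {
    param(
        [Parameter(Mandatory)] [string] $Uri,
        [Parameter(Mandatory)] [hashtable] $Headers,
        # Page fetcher, replaceable so the loop can be exercised without a tenant.
        [scriptblock] $Fetch = { param($u, $h) Invoke-RestMethod -Uri $u -Headers $h -Method GET },
        [string] $AllowedHost = 'graph.microsoft.com',
        [int] $MaxPages = 500
    )
    $items = [System.Collections.Generic.List[object]]::new()
    $pages = 0
    while ($Uri) {
        # Only send the bearer token to an absolute https URL on the expected host.
        $parsed = $null
        $isAbsolute = [uri]::TryCreate($Uri, [System.UriKind]::Absolute, [ref]$parsed)
        if (-not $isAbsolute -or $parsed.Scheme -ne 'https' -or $parsed.Host -ne $AllowedHost) {
            throw "Refusing to follow link outside https://${AllowedHost}: $Uri"
        }
        # Bound the loop in case a response keeps returning a nextLink.
        $pages++
        if ($pages -gt $MaxPages) { throw "Stopped after $MaxPages pages." }

        $page = & $Fetch $Uri $Headers
        foreach ($item in $page.value) { $items.Add($item) }
        # The [string] constraint coerces a missing nextLink to '', which ends the loop.
        $Uri = $page.'@odata.nextLink'
    }
    return $items
}

# Constructed two-page response standing in for Graph; device names are made up.
$first = 'https://graph.microsoft.com/v1.0/deviceManagement/managedDevices'
$second = $first + '?$skiptoken=constructed'
$fakePages = @{
    $first  = @{ value = @(@{ id = '1'; deviceName = 'PC-01' }); '@odata.nextLink' = $second }
    $second = @{ value = @(@{ id = '2'; deviceName = 'PC-02' }) }
}
$fakeFetch = { param($u, $h) $fakePages[$u] }
$fakeHeader = @{ Authorization = 'Bearer constructed-token' }
$devices = Get-GraphPagedResult -Uri $first -Headers $fakeHeader -Fetch $fakeFetch
"Collected $($devices.Count) devices"

# A nextLink on another host is rejected before the token is sent to it.
$fakePages[$second]['@odata.nextLink'] = 'https://graph.example.net/v1.0/next'
try { Get-GraphPagedResult -Uri $first -Headers $fakeHeader -Fetch $fakeFetch }
catch { "Blocked: $($_.Exception.Message)" }
```

Against a real tenant, omit -Fetch and pass the $bearerTokenHeader built in the script above.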

