Get-ManagedDevices.ps1
|
function Get-ManagedDevices(){ <# .SYNOPSIS This function is used to get Intune Managed Devices from the Graph API REST interface .DESCRIPTION The function connects to the Graph API Interface and gets any Intune Managed Device .PARAMETER IncludeEAS Switch to include EAS devices (not included by default) .PARAMETER ExcludeMDM Switch to exclude MDM devices (not excluded by default) .PARAMETER DeviceOS Filter devices by operating system. Options: Android, iOS, Windows, All Default is All .EXAMPLE Get-ManagedDevices Returns all managed devices but excludes EAS devices registered within the Intune Service .EXAMPLE Get-ManagedDevices -IncludeEAS Returns all managed devices including EAS devices registered within the Intune Service .NOTES NAME: Get-ManagedDevices .LINK https://github.com/Skatterbrainz/ds-intune/blob/master/docs/Get-ManagedDevices.md #> [cmdletbinding()] param ( [parameter(Mandatory)][string] $UserName, [parameter()][string] $DeviceName = "", [parameter()][string][ValidateSet('All','Windows','Android','iOS')] $DeviceOS = 'All', [parameter()][switch] $IncludeEAS, [parameter()][switch] $ExcludeMDM, [parameter()][string] $graphApiVersion = "beta" ) #$graphApiVersion = "beta" $Resource = "deviceManagement/managedDevices" try { Get-psIntuneAuth -UserName $UserName $Count_Params = 0 if ($IncludeEAS.IsPresent){ $Count_Params++ } if ($ExcludeMDM.IsPresent){ $Count_Params++ } if ($Count_Params -gt 1) { Write-Warning "Multiple parameters set, specify a single parameter -IncludeEAS, -ExcludeMDM or no parameter against the function" #Write-Host break } elseif ($IncludeEAS) { Write-Verbose "IncludeEAS = true" $uri = "https://graph.microsoft.com/$graphApiVersion/$Resource" } elseif ($ExcludeMDM) { Write-Verbose "ExcludeMDM = true" $uri = "https://graph.microsoft.com/$graphApiVersion/$Resource`?`$filter=managementAgent eq 'eas'" } else { if (![string]::IsNullOrEmpty($DeviceName)) { Write-Verbose "DeviceName = $DeviceName" $uri = "https://graph.microsoft.com/$graphApiVersion/$Resource`?`$filter=deviceName eq '$DeviceName' and managementAgent eq 'mdm' and managementAgent eq 'easmdm'" } else { Write-Verbose "Default = True" $uri = "https://graph.microsoft.com/$graphApiVersion/$Resource`?`$filter=managementAgent eq 'mdm' and managementAgent eq 'easmdm'" if ($DeviceOS -ne 'All') { $uri += " and operatingSystem eq '$DeviceOS'" } } Write-Warning "EAS Devices are excluded by default, please use -IncludeEAS if you want to include those devices" #Write-Host } Write-Verbose "uri = $uri" $response = (Invoke-RestMethod -Uri $uri -Headers $authToken -Method Get) $Devices = $response.Value $DevicesNextLink = $response."@odata.nextLink" while ($DevicesNextLink) { $response = (Invoke-RestMethod -Uri $DevicesNextLink -Headers $authToken -Method Get) $DevicesNextLink = $response."@odata.nextLink" $Devices += $response.value } $Devices } catch { $ex = $_.Exception $errorResponse = $ex.Response.GetResponseStream() $reader = New-Object System.IO.StreamReader($errorResponse) $reader.BaseStream.Position = 0 $reader.DiscardBufferedData() $responseBody = $reader.ReadToEnd(); Write-Warning "Response content:`n$responseBody" Write-Error "Request to $Uri failed with HTTP Status $($ex.Response.StatusCode) $($ex.Response.StatusDescription)" Write-Host break } } |