spec.graphapi.utilities

1.0.2

Public/Get-specEntraIDDeviceGroup.ps1

                                function Get-specEntraIDDeviceGroup {

    <#

    .SYNOPSIS

    Retrieves group membership information for devices from Microsoft Graph API using their IDs.

    .DESCRIPTION

    This function retrieves group membership information for devices from Microsoft Graph API using their IDs. It requires an access token with appropriate permissions to access Microsoft Graph.

    .PARAMETER ComputerName

    Specifies the name(s) of the computer(s) whose group membership information is to be retrieved. This parameter accepts input from the pipeline. If not specified, the default value is set to the name of the local computer.

    .PARAMETER AccessToken

    Specifies the access token required to authenticate with Microsoft Graph API. This parameter is mandatory.

    .EXAMPLE

    Get-specEntraIDDeviceGroup -ComputerName "computer1" -AccessToken "your_access_token_here"

    Retrieve group membership information for a single device with the specified name.

    .EXAMPLE

    "computer1" | Get-specEntraIDDeviceGroup -AccessToken "your_access_token_here"

    Retrieve group membership information for a single device using pipeline input for the computer name.

    .EXAMPLE

    $customObject = [pscustomobject]@{

        ComputerName = "computer1"

        AccessToken = "your_access_token_here"

    }

    $customObject | Get-specEntraIDDeviceGroup

    Retrieve group membership information for device(s) whose names are contained in a custom object sent through the pipeline.

    .NOTES

    Author: owen.heaume

    Version: 1.0.0

    #>

    [cmdletbinding()]

    param(

        [parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]

        [string[]]$ComputerName = $ENV:COMPUTERNAME,

        [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]

        [string]$AccessToken

    )

    Begin { }

    process {

        foreach ($device in $ComputerName) {

            #Call the private function to get the device ID

            $deviceID = (Get-specEntraIDDeviceID -ComputerName $device -AccessToken $AccessToken).deviceID

            $url = "https://graph.microsoft.com/v1.0/devices/$deviceID/memberOf"

            do {

                try {

                    $result = Invoke-RestMethod -Method Get -Uri $url -Headers @{Authorization = "Bearer $($AccessToken)" } -ea Stop

                    $allGroups += $result.value

                    $url = $result.'@odata.nextLink'

                } catch {

                    Write-Warning "$User Error: $($_.Exception.Message)"

                    $url = $null

                }

            } while ($url)

            $allGroups | % { [pscustomobject]@{

                    Device       = $device

                    DeviceID     = $deviceID

                    GroupID      = $_.id

                    DisplayName  = $_.displayName

                    Description  = $_.description

                    MailEnabled  = $_.mailEnabled

                    CreationDate = $_.createdDateTime

                }

            }

        }

    }

}