spec.graphapi.utilities

1.0.2

Public/Get-specEntraIDUserManagedDevice.ps1

                                function Get-specEntraIDUserManagedDevice {

    <#

    .SYNOPSIS

    Retrieves information about managed devices belonging to users from Microsoft Graph API.

    .DESCRIPTION

    This function retrieves information about managed devices belonging to users from Microsoft Graph API. It requires an access token with appropriate permissions to access Microsoft Graph.

    .PARAMETER UPN

    Specifies the UserPrincipalName (UPN) of the user(s) whose managed device information is to be retrieved. This parameter accepts input from the pipeline. If not specified, the default value is set to the UPN of the currently logged-in user.

    .PARAMETER AccessToken

    Specifies the access token required to authenticate with Microsoft Graph API. This parameter is mandatory.

    .EXAMPLE

    Get-specEntraIDUserManagedDevice -UPN "user1@specsavers.com" -AccessToken "your_access_token_here"

    Retrieve information about managed devices for a single user with the specified UPN.

    .EXAMPLE

    "user1@specsavers.com" | Get-specEntraIDUserManagedDevice -AccessToken "your_access_token_here"

    Retrieve information about managed devices for a single user using pipeline input for the UPN.

    .EXAMPLE

    $customObject = [pscustomobject]@{

        UPN = "user1@specsavers.com"

        AccessToken = "your_access_token_here"

    }

    $customObject | Get-specEntraIDUserManagedDevice

    Retrieve information about managed devices for user(s) whose UPNs are contained in a custom object sent through the pipeline.

    .NOTES

    Author: owen.heaume

    Version: 1.0.0

    #>

    [cmdletbinding()]

    param(

        [parameter(Mandatory = $false, ValueFromPipeline = $true, ValueFromPipelineByPropertyName = $true)]

        [Alias('UserPrincipalName')]

        [string[]]$UPN = "$ENV:USERNAME@specsavers.com",

        [parameter(Mandatory = $true, ValueFromPipelineByPropertyName = $true)]

        [string]$AccessToken

    )

    Begin { }

    process {

        foreach ($user in $UPN) {

            $url = "https://graph.microsoft.com/v1.0/users/$user/managedDevices?$select=deviceName,operatingSystem,userId"

            try {

                $result = Invoke-RestMethod -Method Get -Uri $url -Headers @{Authorization = "Bearer $($AccessToken)" } -ea Stop

            } catch {

                Write-Warning "$User Error: $($_.Exception.Message)"

                continue

            }

            $result.value | % { [pscustomobject]@{

                    Id                       = $_.Id

                    deviceName               = $_.deviceName

                    model                    = $_.model

                    manufacturer             = $_.manufacturer

                    serialNumber             = $_.serialNumber

                    imei                     = $_.imei

                    managedDeviceName        = $_.managedDeviceName

                    totalStorageSpaceInBytes = $_.totalStorageSpaceInBytes

                    freeStorageSpaceInBytes  = $_.freeStorageSpaceInBytes

                    managedDeviceOwnerType   = $_.managedDeviceOwnerType

                    enrolledDateTime         = $_.enrolledDateTime

                    lastSyncDateTime         = $_.lastSyncDateTime

                    operatingSystem          = $_.operatingSystem

                    osversion                = $_.osversion

                    managementAgent          = $_.managementAgent

                    azureadRegistered        = $_.azureadRegistered

                    deviceEnrollmentType     = $_.deviceEnrollmentType

                    azureADDeviceId          = $_.azureADDeviceId

                    deviceRegistrationState  = $_.deviceRegistrationState

                }

            }

        }

    }

}