Advertisement
Okay kind of going insane here.<\/p>\n
I’m trying to get devices from a security group of users into a new security group for devices.<\/p>\n
Seems easy. Use mg-graph Powershell commandlet to pull the group members down, query the devices for each member. Easy.<\/p>\n
Now how to add them to the group? First thought even though it’s more work was just to use the bulk import method in the GUI. Add the exported AzureADDeviceID property to the spreadsheet, upload… failed. What? Oh right, every object has two different IDs and that’s the wrong one. Add the exported object ID to the spreadsheet instead, fail. Oh yeah there’s three different IDs…<\/p>\n
How to get the actual Object ID, which is what everything needs to manipulate objects in Azure? Oh that’s just not accessible via the graph cmdlets. But it’s also the only way accepted to do bulk actions to devices, including the new-mggroupmember cmdlet.<\/p>\n
What the hell is Microsoft smoking… anyone have an obvious solution here that I’m missing?<\/p>","upvoteCount":0,"answerCount":2,"datePublished":"2024-04-04T19:50:07.024Z","author":{"@type":"Person","name":"3dbarron","url":"https://community.spiceworks.com/u/3dbarron"},"suggestedAnswer":[{"@type":"Answer","text":"
Okay kind of going insane here.<\/p>\n
I’m trying to get devices from a security group of users into a new security group for devices.<\/p>\n
Seems easy. Use mg-graph Powershell commandlet to pull the group members down, query the devices for each member. Easy.<\/p>\n
Now how to add them to the group? First thought even though it’s more work was just to use the bulk import method in the GUI. Add the exported AzureADDeviceID property to the spreadsheet, upload… failed. What? Oh right, every object has two different IDs and that’s the wrong one. Add the exported object ID to the spreadsheet instead, fail. Oh yeah there’s three different IDs…<\/p>\n
How to get the actual Object ID, which is what everything needs to manipulate objects in Azure? Oh that’s just not accessible via the graph cmdlets. But it’s also the only way accepted to do bulk actions to devices, including the new-mggroupmember cmdlet.<\/p>\n
What the hell is Microsoft smoking… anyone have an obvious solution here that I’m missing?<\/p>","upvoteCount":0,"datePublished":"2024-04-04T19:50:07.121Z","url":"https://community.spiceworks.com/t/how-to-bulk-import-devices-into-azure-ad-groups/1061691/1","author":{"@type":"Person","name":"3dbarron","url":"https://community.spiceworks.com/u/3dbarron"}},{"@type":"Answer","text":"
You definitely want the objectID. Not sure off the top of my head how to get it with graph, I can test tomorrow, but the older method would be to connect to azuread and run<\/p>\n
(Get-AzureADDevice -searchstring “Computername”).objectid<\/p>\n
You could do that against a computer, and compare the value to what’s returned by graph to see which property you need.<\/p>","upvoteCount":1,"datePublished":"2024-04-04T23:53:49.222Z","url":"https://community.spiceworks.com/t/how-to-bulk-import-devices-into-azure-ad-groups/1061691/2","author":{"@type":"Person","name":"PatrickFarrell","url":"https://community.spiceworks.com/u/PatrickFarrell"}}]}}