Managing devices in Microsoft Entra ID often requires assigning custom attributes to devices for better organization and management. This blog post will guide you through a PowerShell script that assigns extension attributes to Entra ID devices. Please be aware that this script leverages the Microsoft Graph API and requires specific permissions to execute.
Requirements
Before running the script, ensure you have the following:
- Microsoft.Graph.Beta PowerShell module
- Permissions: Directory.ReadWrite.All and Device.Read.All
Script Overview
The script connects to Microsoft Graph, retrieves a specific device, assigns extension attributes, and provides an option to clear these attributes if needed.
Script Details
Connect to Microsoft Graph
First, the script connects to Microsoft Graph using the required scopes:
|
1 2 |
$Scopes = "Directory.ReadWrite.All, Device.Read.All" Connect-MgGraph -Scopes $Scopes |
Retrieve the Device
Next, the script retrieves the device based on its display name. Make sure to replace DeviceDisplayName with the actual display name of the device you want to manage:
|
1 |
$Device = Get-MgBetaDevice -Filter "displayName eq 'DeviceDisplayName'" |
Set Extension Attributes
The script then sets the variables for the extension attributes you want to assign:
|
1 2 3 |
$DeviceRegion = "Europe" $DeviceCountry = "France" $DeviceCity = "Paris" |
Assign Extension Attributes
The extension attributes are assigned to the device using the following code:
|
1 2 3 4 5 6 7 8 9 |
$Attributes = @{ ExtensionAttributes = @{ extensionAttribute1 = $DeviceRegion extensionAttribute2 = $DeviceCountry extensionAttribute3 = $DeviceCity } } | ConvertTo-Json Update-MgBetaDevice -DeviceId $Device.Id -BodyParameter $Attributes |
Clear Extension Attributes
If you need to clear the extension attributes, the script provides an option to do so:
|
1 2 3 4 5 6 7 8 9 |
$Attributes = @{ ExtensionAttributes = @{ extensionAttribute1 = "" extensionAttribute2 = "" extensionAttribute3 = "" } } | ConvertTo-Json Update-MgBetaDevice -DeviceId $Device.Id -BodyParameter $Attributes |
Conclusion
This script simplifies the process of assigning and managing extension attributes for Entra ID devices. By using the Microsoft Graph API and PowerShell, you can efficiently manage device attributes, enhancing your organization’s device management capabilities.
Script Source
Complete script as always is available for download on Azure365Addict GitHub.
Feel free to customize the script to fit your specific needs and improve your device management processes.
If you have any questions or want to extend this into automated cleanup or reporting, feel free to reach out.
Happy scripting!
