Do with what you will, use the handy # Write-Host ($SpecificVar | Format-List | Out-String) # to see what is available.
# You need an appProfile with intune permissions
$tenantId = 'xxxxxxxxxxxx' # You Tenant ID
$appId = 'xxxxxxxxxx' # Application (client) ID
$appSecret = 'xxxxxxxxxxx' #Value
$body = @{
grant_type = "client_credentials"
scope = "https://graph.microsoft.com/.default"
client_id = $appId
client_secret = $appSecret
}
$response = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -Method Post -Body $body -ContentType "application/x-www-form-urlencoded"
$token = $response.access_token
$tenantId = 'xxxxxxxxxxxx' # You Tenant ID
$appId = 'xxxxxxxxxx' # Application (client) ID
$appSecret = 'xxxxxxxxxxx' #Value
$body = @{
grant_type = "client_credentials"
scope = "https://graph.microsoft.com/.default"
client_id = $appId
client_secret = $appSecret
}
$response = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantId/oauth2/v2.0/token" -Method Post -Body $body -ContentType "application/x-www-form-urlencoded"
$token = $response.access_token
# connecting as the application with the permission on the service
Connect-MgGraph -AccessToken ($Token |ConvertTo-SecureString -AsPlainText -Force)
#disConnect-MgGraph
#(get-mgcontext).Scopes
# (get-mgcontext)
if (get-mgcontext) {write-host "Connected to O365" -ForegroundColor Green}
else { write-host "Disconnected from O365" break}
Connect-MgGraph -AccessToken ($Token |ConvertTo-SecureString -AsPlainText -Force)
#disConnect-MgGraph
#(get-mgcontext).Scopes
# (get-mgcontext)
if (get-mgcontext) {write-host "Connected to O365" -ForegroundColor Green}
else { write-host "Disconnected from O365" break}
$allMGusers = get-mguser -Top 200
# $allMGusers = get-mguser -All # This can take time in a big environment.
# $allMGusers = get-mguser -All # This can take time in a big environment.
$allMGusers.Count
# $allMGusers[222] # Lets just see what 222 looks like?
# $allMGusers[222] # Lets just see what 222 looks like?
$SpecificUser = $allMGusers | Where-Object { $_.UserPrincipalName -like 'David.Colvin1*' }
$SpecificUser.Count
$SpecificUser.Count
# Write-Host ($SpecificUser | Format-List | Out-String) # dump it all to look at it.
Write-Host $SpecificUser.UserPrincipalName $SpecificUser.Id # Some things I am interested in
Write-Host $SpecificUser.UserPrincipalName $SpecificUser.Id # Some things I am interested in
# A UPN can also be used as -UserId.
$UserDevices = Get-MgUserOwnedDevice -UserId $SpecificUser.Id
$UserDevices = Get-MgUserOwnedDevice -UserId $SpecificUser.Id
foreach ($device in $UserDevices) {
$deviceDetails = get-mgdevice -DeviceId $device.Id
write-host $deviceDetails.DisplayName';'$deviceDetails.Id';'$deviceDetails.OperatingSystemVersion';'$SpecificUser.UserPrincipalName';'$SpecificUser.Id
# Write-Host ($deviceDetails | Format-List | Out-String) # dump it all to look at it.
}
$deviceDetails = get-mgdevice -DeviceId $device.Id
write-host $deviceDetails.DisplayName';'$deviceDetails.Id';'$deviceDetails.OperatingSystemVersion';'$SpecificUser.UserPrincipalName';'$SpecificUser.Id
# Write-Host ($deviceDetails | Format-List | Out-String) # dump it all to look at it.
}
No comments:
Post a Comment