Retrieve Device Information

Retrieves information about all devices registered in Entra ID, including detailed information about device status, operating system details, trust type, and management information.

Usage

Running the script without any parameters retrieves information about all devices and exports to a CSV file in the default directory.

Get-Devices

Retrieves information about all devices and exports to a JSON file.

Get-Devices -Output JSON

Retrieves device information and saves as a JSON file in the Reports folder with UTF-8 encoding.

Get-Devices -OutputDir “Reports” -Output JSON -Encoding UTF8

Parameters

-OutputDir (optional)

  • OutputDir is the parameter specifying the output directory.

  • Default: OutputDevice Information

-Encoding (optional)

  • Encoding is the parameter specifying the encoding of the output file.

  • Default: UTF8

-Output (optional)

  • Output is the parameter specifying the type of output file (CSV or JSON).

  • Default: CSV

-LogLevel (optional)

  • Specifies the level of logging. None: No logging. Minimal: Logs critical errors only. Standard: Normal operational logging.

  • Default: Standard

-UserIds (optional)

  • UserIds is the UserIds parameter filtering the log entries by the account of the user who performed the actions.

Output

The output will be saved to the ‘Device Information’ directory within the ‘Output’ directory. The script provides: A CSV/JSON file containing detailed device information including:

  • CreatedDateTime

  • DeviceId

  • ObjectId

  • AccountEnabled

  • DeviceOwnership

  • DisplayName

  • EnrollmentType

  • IsCompliant

  • IsManaged

  • IsRooted

  • ManagementType

  • DeviceCategory

  • OperatingSystem

  • OperatingSystemVersion

  • Manufacturer

  • Model

  • LastSignInDateTime

  • TrustType

  • RegisteredOwners

  • RegisteredUsers

  • MDMAppId

  • OnPremisesSyncEnabled

  • ProfileType

  • SecurityIdentifier

Permissions

Before utilizing this function, it is essential to ensure that the appropriate permissions have been granted. This function relies on the Microsoft Graph API and requires an application or user to authenticate with specific scopes that grant the necessary access levels. Make sure to connect using both of the following permissions:

  • Device.Read.All

  • Directory.Read.All

Your command would look like this: Connect-MgGraph -Scopes ‘Device.Read.All’,’Directory.Read.All’