Microsoft Graph Report Device Owner

Andres Bohren

2024-01-19

Hi All,

Recently i came across a Case where i wanted to know what devices are Associated to a specific Owner. You can do that in Entra Admin Center and filter for a specific Owner.

Once you click on the Device, you can see more details of the device

Let’s check out the Microsofg Graph API with Graph Explorer

You need to use the ObjectID and not the DeviceID

https://graph.microsoft.com/v1.0/devices/e151ae1b-9083-448b-b482-ed6609e80037

Once you have a Device you can figure out who is the Owner

https://graph.microsoft.com/v1.0/devices/e151ae1b-9083-448b-b482-ed6609e80037/registeredOwners

Let’s do the same thing with the Microsoft.Graph PowerShell Module

Get-MgDevice

List all Devices

Connect-MgGraph -Scope Directory.Read.All -NoWelcome
Get-MgDevice -All

Filter for a specific Devices

$Device = Get-MgDevice -Filter "displayName eq 'ICE11'"
$Device.AdditionalProperties

Get-MgDeviceRegisteredOwner

$DeviceOwner = Get-MgDeviceRegisteredOwner -DeviceId "e151ae1b-9083-448b-b482-ed6609e80037"
$DeviceOwner.AdditionalProperties

Or you can do it the other way around - check what Devices are assigned to an Owner

https://graph.microsoft.com/v1.0/users/a.bohren@icewolf.ch/registeredDevices?$select=deviceId,displayName

Let’s do that in Microsoft.Graph PowerShell

Get-MgUserOwnedDevice

Connect-MgGraph -Scope User.Read.All -NoWelcome
$Devices = Get-MgUserOwnedDevice -UserId a.bohren@icewolf.ch

$DeviceArray = @()
Foreach ($Device in $Devices)
{
	$DeviceObject = [PSCustomObject]@{
		DeviceID = $Device.id
		DisplayName = $Device.AdditionalProperties.displayName
		OS = $Device.AdditionalProperties.operatingSystem	
	}
	$DeviceArray += $DeviceObject
}
$DeviceArray

Now there are two ways to get a Report.

Iterate throuh all users and check theyr assigned devices
Iterate throu all devices and check the assigned owners

I’ll do the second one, because it’s more likely that all devices have Owners than users have Devices.

Connect-MgGraph -Scope Directory.Read.All -NoWelcome
$Devices = Get-MgDevice -All

$DeviceArray = @()
Foreach ($Device in $Devices)
{

	$DeviceID = $Device.Id
	$DeviceOwner = Get-MgDeviceRegisteredOwner -DeviceId $DeviceID
	$OwnerUPN = $DeviceOwner.AdditionalProperties.userPrincipalName

	$DeviceObject = [PSCustomObject]@{
		DeviceID = $DeviceID
		DisplayName = $Device.displayName
		OS = $Device.operatingSystem
		OwnerUPN = $OwnerUPN
	}
	$DeviceArray += $DeviceObject
}
$DeviceArray

You can now sort the Result or Export to CSV

$DeviceArray | Sort-Object OwnerUPN
$DeviceArray | Sort-Object OwnerUPN | Export-Csv -Path C:\Temp\GraphDevices.csv -NoTypeInformation

Regards
Andres Bohren