Intune – Invoke sync to all devices in Intune with the Intune powershell SDK

 

Continuing the series where I cover how to use the powershell SDK for Intune and some real world use cases. Today we will cover how to invoke a sync from Intune to one or several devices.

If you haven’t installed the SDK you can either go to https://www.powershellgallery.com/packages/Microsoft.Graph.Intune/ and you can also check out my earlier post on how to get started and use the SDK:

 

Intune Powershell SDK

Intune – Show VPP account Information directly from the client apps view for easier management 

Intune – Rename iOS devices with Intune Powershell SDK 

 

Syncing a device from the Intune Portal

 

The manual way of invoking a sync to a device from Intune is to go to Intune -> Devices -> (Select the device you want to sync) -> Sync 

 

 

 

But what we instead want to do is to invoke a sync with the help of the Intune Powershell SDK. The specific use case here is that you might need to run a sync to multiple devices and instead of needing to go in to the UI and click “Sync” as shown in the picture and for that we can use the Intune Powershell SDK and Graph API to do the work for us.

 

Sync one device

 

Lets get started, I assume you’ve Installed the SDK by now and the first thing we are going to look at is how to run a sync against a single device.

 

First we need to authenticate towards the tenant we are going to use and we do that with the Connect-MSGraph cmdlet.

 

Connect-MSGraph

 

 

Once connected we need to use the Get-IntuneManagedDevice cmdlet and then use the -Filter parameter to get the specific device we want. I’ll do a more in depth post on filtering and how you can search and filter when using the Graph API later so stay tuned for that.

In this example I’m just filtering on the deviceName property, you should replace ‘DESKTOP-G0HGUP’ for the device name you are looking for.

 

 

 

Get-IntuneManagedDevice -Filter "contains(deviceName,'DESKTOP-G0HGHUP')"

 

When we retrieved the device we need to invoke the sync request and for that we will use the Invoke-IntuneManagedDeviceSyncDevice cmdlet. If you want to make a one liner we just need to pipe the result and its super easy.

 

 

Get-IntuneManagedDevice -Filter "contains(deviceName,'DESKTOP-G0HGHUP')" | Invoke-IntuneManagedDeviceSyncDevice

 

Sync multiple devices

 

Now to the more exiting part, how can we leverage the power of the Intune Powershell SDK to sync multiple devices. We need to start just like we did when we tried to sync one device to get all the devices we want to invoke a sync on.

Side note. If you want to sync more than 1000 devices you need to do something called Paging. The Intune Powershell SDK uses Graph API which is a REST API and returns pages containing 1000 objects at the time, if you exceed 1000 you need to get the next page containing the next 1000 objects and so on until you got all the objects. This can be done by using the cmdlet Get-MSGraphAllPages.

 

Again we need to use the Get-IntuneManagedDevice cmdlet to get all the devices we want to invoke a sync on and we are using the -Filter parameter to get perhaps all the windows, iOS or Android devices. Here’s a few examples

 

$Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem, 'iOS')"

$Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem, 'Windows')"

$Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem, 'Android')"

 

As mentioned earlier, if you have more than 1000 objects returned you need to use the Get-MSGraphAllPages like this

 

$Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem, 'Windows')" | Get-MSGraphAllPages

 

 

 

Running the $Devices = Get-IntuneManagedDevice -Filter “contains(operatingsystem, ‘Windows’)” in my lab tenant will get me 5 devices

 

 

Next step is to invoke a sync towards all of those devices and I’m also adding a Write-host just to make it more visible that the script is actually doing something.

 

Foreach ($Device in $Devices)
{

Invoke-IntuneManagedDeviceSyncDevice -managedDeviceId $Device.managedDeviceId
Write-Host "Sending Sync request to Device with DeviceID $($Device.managedDeviceId)" -ForegroundColor Yellow

}

 

 

That’s it and below you will find the a complete script template you can use which will make sure the Powershell module is Installed and that you have an authentication token and if not it will run Connect-MSGraph where  you need to authenticate towards the tenant you want to run the script against. Stay tuned for more content in regards to Graph API and the Intune Powershell SDK.

 

$IntuneModule = Get-Module -Name "Microsoft.Graph.Intune" -ListAvailable
if (!$IntuneModule){

write-host "Microsoft.Graph.Intune Powershell module not installed..." -f Red
write-host "Install by running 'Install-Module Microsoft.Graph.Intune' from an elevated PowerShell prompt" -f Yellow
write-host "Script can't continue..." -f Red
write-host
exit
}
####################################################
# Importing the SDK Module
Import-Module -Name Microsoft.Graph.Intune

if(!(Connect-MSGraph)){
Connect-MSGraph
}
####################################################

#### Insert your script here

#### Gets all devices running Windows
$Devices = Get-IntuneManagedDevice -Filter "contains(operatingsystem,'Windows')"

Foreach ($Device in $Devices)
{

Invoke-IntuneManagedDeviceSyncDevice -managedDeviceId $Device.managedDeviceId
Write-Host "Sending Sync request to Device with DeviceID $($Device.managedDeviceId)" -ForegroundColor Yellow

}

####################################################

 

Leave a comment or question in the comment section below.

 

That’s all for now and until next time, cheers !

Don’t forget to follow me on twitter

[twitter-follow screen_name=’Timmyitdotcom’]

 

And you can also find me blogging over at http://blog.ctglobalservices.com/