This is an update to an older article I wrote back in 2019 on how to Rename a device with Powershell and Graph ( https://timmyit.com/2019/05/21/intune-rename-ios-devices-with-intune-powershell-sdk/ ). Whats changed since 2019 is the powershell module and the deprecation of the AzureAD module that was used for authentication. From now on we should use the Microsoft.Graph modules and I will explain the process below.
To do this we first need to install these 2 powershell modules that are part of the new Microsoft.Graph modules. Each module cotains different cmdlets and for this example we need both of them to rename a device.
https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.devicemanagement
https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.devicemanagement.actions
Install-Module -Name Microsoft.Graph.DeviceManagement -Force
Install-Module -Name Microsoft.Graph.DeviceManagement.Actions -Force
Import-Module -Name Microsoft.Graph.DeviceManagement
Import-Module -Name Microsoft.Graph.DeviceManagement.Actions
Once installed, the next step is to import the module and run Connect-MgGraph with the Scopes parameter. The Scope parameters is needed to assign the correct permissions to the Enterprise Application that will be created if you haven’t used it before. Without the correct scope permissions you won’t be able to run the script.
The script
Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All
Select-MgProfile -Name "beta"
$Device = Get-MgDeviceManagementManagedDevice -Filter "contains(serialNumber,'22299')"
Set-MgDeviceManagementManagedDeviceName -ManagedDeviceId $Device.Id -DeviceName "NEW-NAME"
Disconnect-MgGraph
If you have you have multiple objects with the same SerialNumber you might just want the last enrolled device. Then use this:
$Device = Get-MgDeviceManagementManagedDevice -Filter "contains(serialNumber,'22299')" | Sort-Object -Property EnrolledDateTime -Descending | Sort-Object -Property SerialNumber -Unique
Troubleshooting scopes and permissions
When you run the script for the first time and need to approve scopes and permissions you will see a prompt like this
If you accept from here your user will have the scopes and permissions needed to continue. However if you “Consent on behalf of your organization” you will grant permissions to anyone who have access to the Enterprise App “Microsoft Graph Command Line Tools“
The Microsoft Graph Command Line Tools app is can be found under portal.azure.com -> Azure Active Directory -> Enterprise Applications
User don’t have sufficient permissions
If you try to run the script with a user that does not have the correct permissions or scope consented you will see an message like
If you try to use an cmdlet and you don’t have the correct scope, you will see an error like this telling you which scope you need to perform the action
That’s it for this time, Don’t forget to follow me on twitter @timmyitdotcom
This isn’t working for me. The cmdlet works, passes the rename to Intune ( see it in the console as ‘pending’ ) it eventually completes but the device is not renamed. These are connected to AutoPilot.
Action
Rename device to XXXXXX
Status
Complete
Looks like “Set-MgDeviceManagementManagedDeviceName” was removed in the v2.x releases of Microsoft.Graph.DeviceManagement.Actions.
Need to add the words ‘Beta’ to get the new commands:
Install-Module “Microsoft.Graph.Beta.DeviceManagement.Actions”
Set-MgBetaDeviceManagementManagedDeviceName