Intune – Rename devices with Powershell and Microsoft.Graph module

This is an update to an older article I wrote back in 2019 on how to Rename a device with Powershell and Graph ( ). Whats changed since 2019 is the powershell module and the deprecation of the AzureAD module that was used for authentication. From now on we should use the Microsoft.Graph modules and I will explain the process below.

To do this we first need to install these 2 powershell modules that are part of the new Microsoft.Graph modules. Each module cotains different cmdlets and for this example we need both of them to rename a device.

Install-Module -Name Microsoft.Graph.DeviceManagement -Force
Install-Module -Name Microsoft.Graph.DeviceManagement.Actions -Force 
Import-Module -Name Microsoft.Graph.DeviceManagement
Import-Module -Name Microsoft.Graph.DeviceManagement.Actions

Once installed, the next step is to import the module and run Connect-MgGraph with the Scopes parameter. The Scope parameters is needed to assign the correct permissions to the Enterprise Application that will be created if you haven’t used it before. Without the correct scope permissions you won’t be able to run the script.

The script

Connect-MgGraph -Scopes DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.Read.All, DeviceManagementManagedDevices.ReadWrite.All

Select-MgProfile -Name "beta"

$Device = Get-MgDeviceManagementManagedDevice -Filter  "contains(serialNumber,'22299')"

Set-MgDeviceManagementManagedDeviceName -ManagedDeviceId $Device.Id -DeviceName "NEW-NAME"


If you have you have multiple objects with the same SerialNumber you might just want the last enrolled device. Then use this:

$Device = Get-MgDeviceManagementManagedDevice -Filter  "contains(serialNumber,'22299')" | Sort-Object -Property EnrolledDateTime -Descending | Sort-Object -Property SerialNumber -Unique

Troubleshooting scopes and permissions

When you run the script for the first time and need to approve scopes and permissions you will see a prompt like this

If you accept from here your user will have the scopes and permissions needed to continue. However if you “Consent on behalf of your organization” you will grant permissions to anyone who have access to the Enterprise App “Microsoft Graph Command Line Tools

The Microsoft Graph Command Line Tools app is can be found under -> Azure Active Directory -> Enterprise Applications

User don’t have sufficient permissions

If you try to run the script with a user that does not have the correct permissions or scope consented you will see an message like

If you try to use an cmdlet and you don’t have the correct scope, you will see an error like this telling you which scope you need to perform the action

That’s it for this time, Don’t forget to follow me on twitter @timmyitdotcom


  1. This isn’t working for me. The cmdlet works, passes the rename to Intune ( see it in the console as ‘pending’ ) it eventually completes but the device is not renamed. These are connected to AutoPilot.

    Rename device to XXXXXX

  2. Looks like “Set-MgDeviceManagementManagedDeviceName” was removed in the v2.x releases of Microsoft.Graph.DeviceManagement.Actions.

    1. Need to add the words ‘Beta’ to get the new commands:

      Install-Module “Microsoft.Graph.Beta.DeviceManagement.Actions”

Leave a Reply