Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant. In the Intune admin center, devices show as Microsoft Entra joined. When I run Get-IntuneManagedDevice it returns four objects @odata. deviceName -eq 'TESTVM01'}See an overview of the steps to start using Intune. Important: Microsoft Graph APIs under the /beta version are subject to change; production use is not supported. For the specific user experience, see enroll the device. But what I also want to do is only show the devices where the "lastsyncdatetime" is today. Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant. The Intune management extension contains the technology to bring that file to the device, extract the files and perform the configured actions. <#. I figured it out. The scenario is the following. You can find in a previous post, how to authenticate to the module wit a secret. Bulk Enrolment. Hey All, I'm currently looking for where the "Total physical memory" attribute under hardware on an intune device is stored in Graph. Step 4: Enroll devices. Then, to uninstall a specific update that was present in the list of installed updates, run:Update the value of the parameter in the script, add or remove any roles that you want to assign in the variable, and then run the script. So, the function within the available module isn't our solution. For windows 10 devices, it only lists the MSI apps and Mordern apps. I want a . By default most property of this type are set to null/0/false and enum defaults for associated types. reg file to the affected device, and then merge it with the local registry. I'm trying to understand how to use the data and the @odata. ps1","path":"ManagedDevices/ExpiringCertJuly2020_All. ps1","path":"ManagedDevices/ExpiringCertJuly2020_All. 3a) Get-AzureAdDevice -top 8000 | Export-csv C:powershellDeviceList. NET 4 runtime). Step 3: Create dynamic Microsoft Entra group. I'm struggling a bit with the Intune Powershell cmdlets. Graph. csv -NoTypeInformation -Append Not 100% if there is any value held within intune to pull the last logged on user with a time stamp. 2. The expected return would be the data in Value. Type Get-IntuneManagedDevice 3. Just before looking at the actual steps of changing the primary user of a Windows device, it’s good to go through a few notes about changing the. 3) Pipe List of All Devices in Azure Ad to csv file (This list will have 2 key columns you need "System Name" and "Object Id's". ps1","path":"Samples/ManagedDevices. After filling in all these details, you can see the Rules syntax in the syntax box. Read properties and relationships of the managedDevice object. If you click on the preview button, you can see 2 preview devices based on the rules syntax filter rule. You can get a result of the devices by changing the command to this: (Get-IntuneManagedDevice). I'm trying to call the cmdlet Get-IntuneManagedDevice and my environment has more than 1000 devices so only the first 1000 are retrieved. With less documentation and more options for graph API, most of the implementation and help is available around graph API for intune. Get list of intune managed devices. Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant. ps1","path":"ManagedDevices/ExpiringCertJuly2020_All. However, ran with my full admin account, the Powershell commands Get-IntuneManagedDevice and Get-DeviceManagement_ManagedDevices fail to find these devices with the special Scope Tag, until the "Default" is added to them. "(managementAgent eq 'mdm') and (operatingSystem ne 'iOS')" andConnect to Intune via PowerShell - social. Make sure the ownership of the devices in Intune are marked as Corporate, if it's Personal, only managed apps can be listed in the report. Locate device with Intune: Fetch Windows 10 device location. managedDevice'. Available Intune reports. count, @odata. g. Thanks. Assign licenses to users. You may get a dialogue box to save the file once export completed. Reporting: The process of giving an account of something that has been observed, heard, done, or investigated. We can easily turn those devices into kiosks, configure them for shared usage, keep them up-to-date with Windows quality and feature updates, protect them using endpoint protection policies, even enroll them into Defender ATP. The specific use case here is that you might need to run a sync to multiple devices and instead of needing to go. 608 without any issues. To retrieve actual values GET call needs to be made, with device id and included in select parameter. This function is used to add an RBAC Intune Role to the Intune Service. Add a device enrollment manager. A user account that is added to Device Enrollment Managers account will not be able to complete enrollment when Conditional Access. That can be achieved by using Add default response to specify the response. com"} You can make a list of all the users who have registered one device or more with the command: Get-IntuneManagedDevice | Select emailAddress | Sort-Object emailAddress -Unique. But only to find that the report blade shows the encryption status information only. I'm trying to search the output of get-intunemanageddevice by IMEI number and running into issues. When they were imported into our tenant, they were given the serialNumber of the device as their deviceName. To view apps targeted for this device, select Managed Apps in the Monitor section. SYNOPSIS. Viewed 280 times 0 I am trying to make an automated export from MS InTune. View your device details, including operating systems, storage space, manufacturer, and model. To view the reports for an individual policy, in the admin center go to Devices > Compliance Policies > Policies, and then select the policy for which you want to view its report details. On the Apps | App configuration policies blade, click Add > Managed devices to open the Create app configuration policy wizard. この記事の内容. Find the primary user of an Intune device . But what we instead want to do is to invoke a sync with the help of the Intune Powershell SDK. The scenario is the following. Get-InstalledModule -name Microsoft. And not necessarily if the BitLocker recovery key was successfully. That was, until I started using the Microsoft. PowerShell. Namespace: microsoft. Intune is a Mobile Device Management service that is part of Microsoft's Enterprise Mobility + Security offering. The Intune Diagnostics can be really useful with troubleshooting APP. This is your service account and is used to work with Android and. You can get an overview of de deviceID's with: Get-IntuneManagedDevice -managedDeviceId 2b249a2b-XXXX-XXXX-XXXX-XXXXXXXXXXXXX | Select * But I don't think it is showing me the correct Primary user, because if I manually change the Primary User of the device in the Device Properties in Intune, the above command does not pull the changed user Hello I am trying to get Intune device hardware data with Graph and I am not having any luck. nextLink parameter to loop through all. See full list on learn. The Microsoft Graph is a REST API that allows developers (or smart administrators!) access to the data stored in the backend of Microsoft services. Enroll the devices in Intune. Under Advanced settings, select Data > Windows Event Logs. Invoke Intune sync on bulk devices using powershell. I was using the latest release 1907 but even downloaded the older version in this example and ran into the same issue. Device enrollment enables you to access your work or school's internal resources (such as apps, Wi-Fi, and email) from your mobile device. As best I can tell, this is because this function uses the 1. Namespace: microsoft. Policy-based device compliance reports. After clicking the next button, the below Rules window will appear, and select the property as appVersion, the operator as NotEquals, and the value as 1. Primary user, also known as User Device Affinity, is a property of each Intune device. Fixed a bug when there is no AP devices, but we still want to delete Intune/AAD/AD devices. Control guest accounts, manage accounts and delete inactive accounts, allow or prevent saving to local storage,. Value But that will only get you the result of the 1000 devices. In the first post, we described occasions when a BitLocker. graph. Delete the old Azure AD registration, and then update Group Policy. Note. Deploy certificate to devices. It is possible to enrol Windows 10 devices to your Azure AD tenant using the Windows Configuration Designer app to build a provisioning package which can be applied to corporate owned devices to join them to your tenant and enrol them for Intune Management. Managing Intune with PowerShell is possible by using the Intune PowerShell SDK which provides connection to the Microsoft Graph. For Public apps, choose Select public apps, and then, on the Targeted apps blade, choose Edge for iOS and Android by selecting both the iOS and Android platform apps. Microsoft Store apps. Teams. Get-IntuneManagedDevice |select-object deviceName, id Hope it will give you some ideas. Installation Options. Hi. Devices that are managed or pre-enrolled through Intune. You switched accounts on another tab or window. ps1","path":"ManagedDevices/ExpiringCertJuly2020_All. In order to access functionality in the "beta" schema you must change the schema version using the command below. Intune Import-Module -Name Microsoft. Namespace: microsoft. The appropriate cmdlet is: Invoke-DeviceManagement_ManagedDevices_RebootNowGet-IntuneManagedDevice | Where-Object {$_. is that the expected behavior? below follow the command line Get-IntuneManagedDevice -managedDeviceId "850c085b-deb0-46f8-a9c3-ac05f8f9bc26" To export the device details, click on Export. Graph. I also want to collect Azure AD group memberships of computer objects but list the computer owner at the same time. Only non-user locations and file types are accessed. To automate the process of posting the updated device name we are going to use a foreach loop, after initially checking that the variable used contains at least. Value But that will only get you the result of the 1000 devices. nextLink and Value. To configure a Device Type Enrollment Restriction, perform the following steps: Microsoft Endpoint Mangager admin center > Devices > Enroll Devices >. Permissions. Set up the Android Enterprise fully managed device solution in Microsoft Intune to enroll and manage corporate-owned devices. Browse to the directory (e. Go to Devices > Device Categories. This will works in : 1. deviceName -eq "<target device name>"} If you want to get some information of this device, please refer to the. The solution is to uninstall AzureRM, the older version. Below you can find screenshot from that page. Such devices include computers, tablets, and phones. Add Network console to capture the network record. 1. After checking the device information, I find the value of the "Enrolled by" is the same as userdisplayname. Intune's Attack surface reduction policies use the AppLocker CSP for their Application control profiles. Request body. Monitoring Windows Update status required a separate OMS console in the past but now this data is available in. Right now, the only place I see the info is if we use the Intune for Education portal. Customer is large org that needs to delegate device mgnt to sub-entities in their org. 0 and beta endpoints. In this article. Again we need to use the Get-IntuneManagedDevice cmdlet to get all the devices we want to invoke a sync on and we are using the -Filter parameter to get perhaps all the windows, iOS or Android devices. e. Hi everyone, I'm looking to use powershell to modify some Android device Management Names in Intune. Step 1: Deploy Chrome browser. ps1","path":"Powershell_Commands. Choose Devices > All devices > choose a Windows device > Properties > Change primary user. graph. The script to execute the request will receive a list of devices and the current owner. In Alternate actions, select Join this device to Azure Active Directory, and enter the information they're asked. For more detailed information about how to set up, onboard, or move to Intune, see the Intune setup deployment guide. Get a list of installed apps, check compliance policies, and set. {"payload":{"allShortcutsEnabled":false,"fileTree":{"ManagedDevices":{"items":[{"name":"ExpiringCertJuly2020_All. Graph. Select Generate report (or Generate again) to retrieve current data. It can be a large task, especially if you're not sure where to start. If this post helps, then please consider Accept it as the solution to help the other members. 1 more reply. If your devices are co-managed and meet the Intune device requirements, we recommend using the instructions in this quickstart to enroll them to Endpoint analytics via Intune. In this article. Click Devices and then click Windows. Configure the following permissions. This article assumes you're familiar with filters. log file and see that the enrollment was successful: Experience for a Non-Cloud User. 5: Some change in language around on-prem domain. I have put information into the notes field of an Intune Enrolled device. Saved searches Use saved searches to filter your results more quicklyYou signed in with another tab or window. In Device status, the devices assigned to the profile are listed, and the deployment status is shown. userId: String: Unique Identifier for the user associated with the device. . You can also Save the command as script:Let me preface this question by stating I may be misunderstanding how this is supposed to work. Note: The Microsoft Graph API for Intune requires an active Intune license for the tenant. To list all users from a particular department or country, use the following syntax: 1. Select Reports > Device compliance > Reports tab > Device compliance. To install PowerShell module for Intune Graph API, open PowerShell with admin privilege’s and run below command. Select a new user and choose Select. I am trying to make an automated export from MS InTune. PrivilegedOperations. I'm trying to search the output of get-intunemanageddevice by IMEI number and running into issues. Introduction. If the answer is the right solution, please click "Accept Answer" and kindly upvote it. For this problem, I don't know how to run Get-IntuneManagedDevice with token in azure powershell function. No unfortunately not. I won’t go into any more detail on this as there is plenty more. In the Event Viewer on the client computer you will see successful events for enrollment: Lastly, you can check the comanagementhandler. Create filter pane. Get-IntuneManagedDevice | Where-Object {$_. For the specific steps, go to Set up Intune enrollment of Android Enterprise dedicated devices. <#. 0 API. Unique Identifier for the user associated with the device. Select a user from the popout and that’s it! Just be sure that the. The Collect diagnostics remote action lets you collect and download Windows device logs without interrupting the user. I'm unable to connect with an account that does not have Admin access, despite using the AdminConsent to grant the application access. Select “Import a runbook” and upload the Update-PrimaryUserWbhook. Discovered apps is a separate report from the app installation reports. I won’t go into any more detail on this as there is. We are using V1. To help with these challenges and tasks, use Microsoft Intune. Enter the full string value (using -eq, -ne, -in, -notIn operators), or partial value (using -startswith, -contains, -notcontains operators). I've tried multiple things including Get-IntuneManagedDevice -Select id, userDisplayName, serialNumber and Get-IntuneManagedDevice -Filter "ID eq '$_. Who knew, first of all, if you used a variable in the filter string for Get-IntuneManagedDevice, if there is no matching device, the command fails silently and produces no output? So if you have something likeIT administrators can now use filters in Microsoft Endpoint Manager to target apps, policies and other workload types to specific devices. ; Select Microsoft Entra ID. Running "Get-IntuneManagedDeviceDeviceCompliancePolicyState. context, @odata. Thanks Harm, but unfortunately this isn't resolving this issue for me I have replicated your query exactly, but firstly Graph does not recognize the property hardwareInformation : Parsing OData Select and Expand failed: Could not find a property named 'hardwareInformation' on type 'microsoft. Get-IntuneManagedDevice Hope it will help. Let’s start with some simple examples. However, ran with my full admin account, the Powershell commands Get-IntuneManagedDevice and Get-DeviceManagement_ManagedDevices fail to find these devices with the special Scope Tag, until the "Default" is added to them. cd C:IntuneGraphSamples) For each Folder in the local repository you can browse to that directory and then run the script of. NET 5, Powershell 7 is built on top of . I've managed to figure out how to find the. In this article. Get-IntuneManagedDevice -managedDeviceId 2b249a2b-XXXX-XXXX-XXXX-XXXXXXXXXXXXX | Select * But I don't think it is showing me the correct Primary user, because if I manually change the Primary User of the device in the Device Properties in Intune, the above command does not pull the changed userHello I am trying to get Intune device hardware data with Graph and I am not having any luck. I found a powershell script that extracts hardware information from Intune joined devices, however, the physicalMemoryInBytes that appears in the output file displays a 0. But I can provide a workaround below for your reference(use rest api to get the same result in azure. {"payload":{"allShortcutsEnabled":false,"fileTree":{"Samples/ManagedDevices":{"items":[{"name":"ManagedDeviceOverview_Get. Graph has 2 APIs. Add a nice description and click Next. deviceName -eq "<target device name>"} | Select-object deviceName, id, serialNumber. Go to endpoint. Events include Alerts for a device that can't register with Windows Update (which is. To create the parameters described below, construct a hash table containing the appropriate properties. This can be changed manually on each device directly in the Intune portal after enrollment. Enter the UPN and authenticate yourself on your tenant. The -filter switch using the or operator behaves like and. This is one time activity and doesn’t need any actions further. List properties and relationships of the windowsManagedDevice objects. Step 1: Prerequisites. Select Devices > Windows > Windows enrollment > Devices (under Windows Autopilot Deployment Program) > Sync. I have been given a large list of users that need a specific application deploying. For Windows 10 devices that are Microsoft Entra joined or Microsoft Entra hybrid joined, the primary user of a device can be updated. Permission type. Don't use the model name. It only happens when I run it agains our production tennant, it works as. Found a potential way using the folder where the IntuneManagementExtension service is installed. context, @odata. Switch to include EAS devices (not included by default) . Get-IntuneManagedDevice | Get-MSGraphAllPages | Out-GridView. {"payload":{"allShortcutsEnabled":false,"fileTree":{"ManagedDevices":{"items":[{"name":"ExpiringCertJuly2020_All. (faster method) Get-IntuneManagedDevice -Filter “UserPrincipalName eq ' [email protected] API and the Beta API. Select Device – Find Group Membership For Device from Intune MEM Portal 1. Add and use Windows 10/11 and Windows Holographic for Business devices that are shared, or used by multiple users in Microsoft Intune. Get-IntuneManagedDevice -Filter "contains (deviceName,'AAY6P')" #| select serialnumber, devicename, userDisplayName, userPrincipalName, id, userId, azureADDeviceId, managedDeviceOwnerType, model, manufacturer. The statements I found for Library permissions on Stack Exchange don't report just the library permissions either, they are reporting the Sites permissions. [Optional] You can configure scope tags for your app configuration policy. Intune Import-Module -Name Microsoft. If you're an ISV, you can also use the Intune API to manage client tenants. You can use the Intune API in Microsoft Graph to manage devices, apps, and even configure Intune while using your preferred tools. Read properties and relationships of the managedDeviceOverview object. ; If you don't have a license for Microsoft Entra ID P1 or P2, see Sign up for. com"} You can make a list of all the users who have registered one device or more with the command: Get-IntuneManagedDevice | Select emailAddress | Sort-Object emailAddress -Unique. Hello, I'm setting up a report using microsoft graph via powershell to return device data where we can compare primary user and last logged on user. Create an application. You can use Intune to orchestrate app deployment through Managed Google Play for any Android Enterprise scenario (including personally owned work profile, dedicated, fully managed, and corporate-owned. 3a) Get-AzureAdDevice -top 8000 | Export-csv C:\powershell\DeviceList. Once enabled, Microsoft's management and security surfaces start working together, automatically determining which devices are onboarded to Microsoft Defender for Endpoint, and whether or not they are also enrolled in Microsoft Endpoint Manager. Graph has 2 APIs. ALIASES. {"payload":{"allShortcutsEnabled":false,"fileTree":{"ManagedDevices":{"items":[{"name":"ExpiringCertJuly2020_All. com ). Open Intune portal, press F12 to open Devtools. The expected return would be the data in Value. Filters in basics. I figured it out. @GerardoHernandez . Let me preface this question by stating I may be misunderstanding how this is supposed to work. Namespace: microsoft. Intune module using below commands:. csv. The specific use case here is that you might need to run a sync to multiple devices and instead of needing to go. emailAddress -like "some. If i manually run the Get-IntuneManagedDevice query, i'm able to see the users 1 device. Authenticate with certificate. 1. I like to capture as much information on an Azure Join device using Powershell. The Microsoft Graph is a REST API that allows developers (or smart administrators!) access to the data stored in the backend of Microsoft services. Most of it comes back null At this point I am just trying to get the System Management BIOS version which. Choose Devices > All devices > choose a Windows device > Properties > Change primary user. Methods1. microsoft. Permissions. PowerShell is a cross-platform (Windows, Linux, and macOS) automation tool and configuration framework optimized for dealing with structured data (e. Create Device Category in Intune. See the command to use: Invoke_LocateDevice. {"payload":{"allShortcutsEnabled":false,"fileTree":{"Security":{"items":[{"name":"Enable-BitLockerEncryption. On the Add User, enter a user principal name for the DEM user, and select Add. 1. Does anyone have a quick script they use that will tell me the primary device name and object id for each device so I. graph. This property is read-only. Get-IntuneManagedDevice -Filter "contains (deviceName,'AAY6P')" #| select serialnumber, devicename, userDisplayName, userPrincipalName, id, userId, azureADDeviceId, managedDeviceOwnerType, model, manufacturer. deviceName -eq "<target device name>"} If you want to get some information of this device, please refer to the following command: Get-IntuneManagedDevice | Where-Object {$_. If you want to get a list of all your devices, you better run this command: Get-IntuneManagedDevice | Get-MSGraphAllPages Get-IntuneManagedDevice | Where-Object {$_. In this article. Once done, need the global admin to run the PowerShell script (lnk in earlier section) once via his/her credentials to grant consent. 9. But bevor you do this open the developer tools form the Browser via F12 and select Graph X-Ray. Managing Intune with PowerShell is possible by using the Intune PowerShell SDK which provides connection to the Microsoft Graph. ps1","path":"ManagedDevices/ExpiringCertJuly2020_All. All (and. I'm using Get-DeviceManagement_ManagedDevices and/or Get-IntuneManagedDevice with various -filters to get device counts and also perform various functions on some devices. Step 3: Create dynamic Microsoft Entra group. was looking at different methods (even graph API), and no luck. To find Intune devices with missing BitLocker keys in Azure AD, any experienced Intune administrator would instinctively look at the Encryption report available under Devices -> Monitor. Install-Module IntuneStuff -Force Import-Module IntuneStuff -Force # connect to Graph API Connect-MSGraph # get all Intune policies Get-IntunePolicy -verbose # get just Apps and Compliance Intune policies Get-IntunePolicy. When I’m using Get-IntuneManagedDevice | Out-GridView i’m only getting the 4 columns (@odata. PARAMETER. I install Intune module and connect to Microsoft Graph with the following commands: There are two UPN values in Intune: the userPrincipleName at the device level is the ‘ Enrolled by ’ user, the ‘ Primary user ’ account is found one level deeper at the managedDevices/ {Device ID}/users level. The hardward details for the device. For information on hash tables, run Get-Help about_Hash_Tables. Read properties and relationships of the. Configuration: The process of arranging or setting up computer systems, hardware, or software. Select the 3 horizontal dots on the. This allows you to collect information from all pages of. Get-AzureADUser -Filter "Department eq 'HP'". On first run, you're prompted to approve the required app. 0 API. Namespace: microsoft. Upload the certificate to the Azure app. Enter Microsoft Intune. You may add an optional description about the category. This is one time activity and doesn’t need any actions further. graph. We are pleased to announce that Microsoft Intune support for Android Enterprise fully managed devices is now generally available. @na , Based on my test in my lab, I find we can using the following method to get all the managed devices in graph. technet. g. PowerShell. Get-IntuneManagedDevice -Select id,ethernetMacAddress | Get-MSGraphAllPages I get: Get-DeviceManagement_ManagedDevices : Cannot validate argument on parameter 'Select'. Sapratz • •. Get-IntuneManagedDevice -Filter "deviceEnrollmentType eq 'windowsAzureADJoin'" However that returns all devices regardless of what the deviceEnrollmentType is. When you assign your BYOD profiles, you would target the former group, and when you assign company profiles, you would target the latter. Open the Azure portal and navigate to Microsoft Intune > Device enrollment > Windows enrollment to open the Device enrollment – Windows enrollment blade; 2. But what I also want to do is only show the devices where the "lastsyncdatetime" is today. NAME Update-IntuneManagedDevice SYNOPSIS Windows 10. Version 1. Once you’ve selected the event logs you want to capture, click Save (above Data) and. 3. Hey guys, we fixed our issue with the create of a new group to apply for a new Defender firewall policy accepted this : "The firewall allows RDP connection only with the private network or with the. I can even do Get-IntuneManagedDevice -Filter "serialNumber eq 'DEADBEEF'"| select manageddeviceid to get the managedDeviceID value as an output. The example below works: Get-IntuneManagedDevice -Filter "IMEI eq '123456789012345". Intune. It supports a single parameter -JSON as an input to the function to pass the JSON data to the service. Powershell Get-IntuneManagedDevice with two different Filters. 1. blade;. The Intune management extension contains the technology to bring that file to the device, extract the files and perform the configured actions. Each compliance policy you create directly supports compliance reporting. Select the notification banner that says Preview upcoming changes to Devices and provide feedback. I'm writing a PowerShell script and need to be able to connect to MS Graph to use Intune Graph. In this article. Locate Device with Microsoft Intune. g. Includes information such as storage space, manufacturer, serial number, etc. The switch -phoneNumber for Get-IntuneManagedDevice is the closest in functionality but nowadays the providers do not program the MSIN in the SIM card due to the portability of the numbers and phone number assignment on activation rather than pre-assigning phone numbers (business customers). (faster method) Get-IntuneManagedDevice -Filter “UserPrincipalName eq ' [email protected] case: automating role scope tag assignments to devices in Intune. The instructions in your link are used to delete a Azure AD registered device, not used to delete the managed devices in Intune. Select the Windows 10 Device from which you want to collect Logs with Intune. To try the new Devices experience, sign in to the Microsoft Intune admin center and go to Devices > Overview. 0" version of the Graph schema. ) # Your tenant ID (in the Azure portal, under Azure Active Directory > Overview). Select Monitor > Group Membership – Find Group Membership For Device from Intune MEM Portal 2. Microsoft Endpoint Manager admin center and choose Devices > Enroll devices > Device enrollment managers. About reporting data latency. >Connect-AzAccount. Click Next to display the Scope tags page. I have created Policy Script in Intune to get my Intune Enrolled Devices inventory using this command: Get-IntuneManagedDevice | Out. Once you have your workspace open, click on Advanced settings (under Settings): Advanced settings. No unfortunately not. Intune Connect-MSGraph Get-IntuneManagedDevice | Get-MsGraphAllPagesThanks Peter! I found some commands to gather permissions but I am betting that they will be better and faster using Graph. The cmdlet for removing a device would be done with something like: Remove-IntunemanagedDevice -manageddeviceID <string> Remove-IntunemanagedDevice -manageddeviceID "14209832-15f7-4b1d-8fae-65624c0682c5". Restart the affected device again. Wait while Company Portal checks your device. Install-Module -Name Microsoft. Microsoft Intune is a cloud-based service which allows you to remotely manage mobile devices and mobile applications.