Below is a sample PowerShell script showing how to update a registered device’s extension attribute. The sample uses extensionAttriubte3. You can easily swap this out to a different one. Refer to the Update Device documentation for more info.
Import-Module Microsoft.Graph.Identity.DirectoryManagement
# Log in with the correct scope
Connect-MgGraph -Scopes "Directory.AccessAsUser.All"
$DeviceId = "<Device ObjectId>"
$params = @{
"extensionAttributes" = @{
"extensionAttribute3" = "hello2"
}
}
# Update Device
Update-MgDevice -DeviceId $DeviceId -BodyParameter ($params | ConvertTo-Json)
<#
The following technique to create json payload also works. Thanks to my colleague Will Fiddes for the idea
$json = '{ "extensionAttributes": { "extensionAttribute1": "BYOD-Device" } }'
Update-MgDevice -DeviceId $DeviceId -BodyParameter $json
#>
# Query Device
Get-MgDeviceById -DeviceId $DeviceId
Note: The above device update operation requires the signed in user to be in either the Intune Administrator role or Global Administrator role.
Hello,
Thank you for your script, if i understand thats work only with devices enrolled into Intune.
The devices marked as only Hybrid Azure AD Join will not be updated by these script ?
Thanks for confirmation
The script should work for hybrid joined devices