Script for Updating Device Ownership in Microsoft Graph
Device Ownership Update Script for Microsoft Graph
Overview
This PowerShell script connects to Microsoft Graph with the DeviceManagementManagedDevices.ReadWrite.All scope and automates changing the ownership type of managed devices from personal to company.
Script Capabilities
| Function | Description | Business Value |
|---|---|---|
| Authentication | Connects to Microsoft Graph with DeviceManagementManagedDevices.ReadWrite.All scope | Secure API access to device management data |
| Device Filtering | Retrieves macOS and Windows devices whose ownership type is “personal” | Targeted updates for specific device types |
| Ownership Update | Changes ownership type from “personal” to “company” | Ensures proper device classification and compliance |
Script Operations
1. Microsoft Graph Connection
The script establishes a secure connection using Connect-MgGraph with the permission scope required for device management operations.
2. Device Filtering Process
- Filters devices by operating system (macOS and Windows)
- Identifies devices with “personal” ownership type
- Creates a targeted list for ownership updates
3. Ownership Transformation
- Iterates through filtered devices
- Updates ownership type using Update-MgDeviceManagementManagedDevice cmdlet
- Changes classification from “personal” to “company”
Implementation
```powershell
# Sign in with the scope needed to read and update Intune managed devices
Connect-MgGraph -Scopes "DeviceManagementManagedDevices.ReadWrite.All"

# -All retrieves every page of results, not just the first
Get-MgDeviceManagementManagedDevice -All |
    Where-Object { ($_.OperatingSystem -eq "macOS") -or ($_.OperatingSystem -eq "Windows") } |
    Where-Object ManagedDeviceOwnerType -eq "personal" |
    ForEach-Object {
        # Reclassify each matching device as company-owned
        Update-MgDeviceManagementManagedDevice -ManagedDeviceId $_.Id -ManagedDeviceOwnerType "company"
    }
```
Key Benefits
Ideal for: Organizations managing mixed device environments with Microsoft Intune
Use Cases:
- Bulk device ownership corrections
- Compliance automation
- Device lifecycle management
- Security policy enforcement
Important: This script requires appropriate Microsoft Graph permissions and should be tested in a non-production environment first.
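The testing advice above can be built into the script itself. The following is an added example, not part of the original script: it wraps the same cmdlets in a function that supports -WhatIf, records the affected devices before changing them, and reports per-device failures. The function name, parameter names and CSV path are hypothetical.

```powershell
# Added example: preview, record, then update. Not the original script.
# Assumes the Microsoft Graph PowerShell SDK device management module is installed.
# Set-PersonalDeviceToCompany, -OperatingSystem and -AuditPath are hypothetical names.
function Set-PersonalDeviceToCompany {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [string[]]$OperatingSystem = @('macOS', 'Windows'),
        [string]$AuditPath = ".\ownership-change-$(Get-Date -Format yyyyMMdd-HHmmss).csv"
    )

    Connect-MgGraph -Scopes 'DeviceManagementManagedDevices.ReadWrite.All'

    # Show which tenant and account the bulk write will run against.
    $ctx = Get-MgContext
    Write-Verbose "Tenant $($ctx.TenantId), account $($ctx.Account)"

    # -All follows paging so the whole inventory is evaluated.
    $targets = Get-MgDeviceManagementManagedDevice -All |
        Where-Object { $_.OperatingSystem -in $OperatingSystem -and
                       $_.ManagedDeviceOwnerType -eq 'personal' }

    # Record the pre-change state, even during a dry run, so the list can be
    # reviewed beforehand and used to revert individual devices afterwards.
    $targets |
        Select-Object Id, DeviceName, OperatingSystem, UserPrincipalName, ManagedDeviceOwnerType |
        Export-Csv -Path $AuditPath -NoTypeInformation -WhatIf:$false -Confirm:$false

    foreach ($d in $targets) {
        # ShouldProcess returns $false under -WhatIf, so nothing is updated.
        if ($PSCmdlet.ShouldProcess("$($d.DeviceName) [$($d.Id)]", 'Set owner type to company')) {
            try {
                Update-MgDeviceManagementManagedDevice -ManagedDeviceId $d.Id `
                    -ManagedDeviceOwnerType 'company' -ErrorAction Stop
            }
            catch {
                # Keep going; one failed device should not stop the batch.
                Write-Warning "Update failed for $($d.Id): $($_.Exception.Message)"
            }
        }
    }
}

# Dry run: lists what would change and writes the CSV, updates nothing.
Set-PersonalDeviceToCompany -WhatIf -Verbose
```

After reviewing the CSV, run the function again without -WhatIf, or with -Confirm to approve each device individually.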