Script to Sync Windows Devices in Microsoft Graph
Windows Device Synchronization Script for Microsoft Graph
Overview
This PowerShell script connects to Microsoft Graph and automates the synchronization process for all managed Windows devices across your organization. The script provides real-time feedback during the synchronization process.
Script Capabilities
| Function | Description | Business Value |
|---|---|---|
| Tenant Authentication | Prompts for Tenant ID and connects with required scopes | Secure, tenant-specific access to device management |
| Device Discovery | Retrieves all managed Windows devices | Comprehensive device inventory and targeting |
| Bulk Synchronization | Sends sync requests to all Windows devices | Ensures up-to-date device status and policies |
| Progress Tracking | Displays device count and sync progress | Real-time monitoring and visibility |
Script Operations
1. Authentication Process
- Prompts administrator for Tenant ID or primary domain
- Establishes connection with DeviceManagementManagedDevices.ReadWrite.All and DeviceManagementManagedDevices.PrivilegedOperations.All scopes
- Ensures proper permissions for device synchronization operations
2. Device Discovery
- Retrieves all managed devices from Microsoft Graph
- Filters specifically for Windows operating system devices
- Provides count of discovered devices for verification
3. Synchronization Execution
- Iterates through each discovered Windows device
- Sends synchronization request using Sync-MgDeviceManagementManagedDevice
- Displays progress for each device being synchronized
Implementation
```powershell
# Prompt for the tenant and request the delegated scopes used to list and sync devices
$TenantId = Read-Host "Please enter Tenant Id or Primary domain"
$Scopes = @("DeviceManagementManagedDevices.ReadWrite.All", "DeviceManagementManagedDevices.PrivilegedOperations.All")
Connect-MgGraph -TenantId $TenantId -Scopes $Scopes

# Retrieve all managed devices and keep only the Windows ones
$Devices = @(Get-MgDeviceManagementManagedDevice -All | Where-Object { $_.operatingSystem -eq 'Windows' })
Write-Host " Number of Devices found: $($Devices.Count)" -ForegroundColor Cyan

# Send a sync request to each discovered device
foreach ($Device in $Devices) {
    $DeviceId = $Device.id
    Write-Host "Sending Sync request to Device $($Device.deviceName)" -ForegroundColor Yellow
    Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $DeviceId
}
```
Key Benefits
Ideal for: IT administrators managing Windows device fleets with Microsoft Intune
Use Cases:
- Forcing device policy updates
- Troubleshooting device connectivity issues
- Ensuring compliance across device fleets
- Post-deployment synchronization verification
Prerequisites
- Microsoft Graph PowerShell SDK installed
- Global Administrator or Intune Administrator role
- Appropriate API permissions for device management
- Windows devices enrolled in Microsoft Intune
Note: This script processes devices sequentially. For large device fleets, consider running during off-peak hours to minimize impact on user experience.
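
The sequential loop described above can also check the granted scopes, keep going when a single device fails, and leave a record of which devices received the request. The following is an added example, not part of the original script; the function name `Invoke-WindowsDeviceSync`, its parameters, and the CSV log path are hypothetical.

```powershell
# Added example: function name, parameters and log path are hypothetical.
function Invoke-WindowsDeviceSync {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)] [string] $TenantId,
        [string] $LogPath = ".\device-sync-$(Get-Date -Format yyyyMMdd-HHmmss).csv",
        [int] $DelayMs = 200   # pause between requests (assumed value)
    )
    $required = @(
        'DeviceManagementManagedDevices.ReadWrite.All',
        'DeviceManagementManagedDevices.PrivilegedOperations.All'
    )
    Connect-MgGraph -TenantId $TenantId -Scopes $required | Out-Null
    try {
        # Stop early if sign-in did not actually grant both scopes.
        $granted = (Get-MgContext).Scopes
        $missing = $required | Where-Object { $_ -notin $granted }
        if ($missing) { throw "Missing Graph scopes: $($missing -join ', ')" }

        $devices = @(Get-MgDeviceManagementManagedDevice -All |
            Where-Object { $_.OperatingSystem -eq 'Windows' })
        Write-Host "Number of devices found: $($devices.Count)" -ForegroundColor Cyan
        $results = foreach ($device in $devices) {
            $status = 'Skipped'; $detail = ''
            if ($PSCmdlet.ShouldProcess($device.DeviceName, 'Send sync request')) {
                try {
                    Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $device.Id -ErrorAction Stop
                    $status = 'Requested'
                } catch {
                    # One failed device should not abort the whole run.
                    $status = 'Failed'; $detail = $_.Exception.Message
                }
                Start-Sleep -Milliseconds $DelayMs
            }
            [pscustomobject]@{
                TimeUtc    = (Get-Date).ToUniversalTime().ToString('o')
                DeviceId   = $device.Id
                DeviceName = $device.DeviceName
                Status     = $status
                Detail     = $detail
            }
        }
        $results | Export-Csv -Path $LogPath -NoTypeInformation
        return $results
    }
    finally {
        Disconnect-MgGraph | Out-Null   # end the privileged session when done
    }
}
```

Running `Invoke-WindowsDeviceSync -TenantId <tenant> -WhatIf` lists the devices that would be targeted without sending any sync request.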