stackoom
  简体   繁体   中英

Azure assign group and device to script using Graph API

 原文  2023-01-23 21:57:07       azure/ microsoft-graph-api/ intune

Question

I am trying to assign groups and devices to a PowerShell script in Microsoft Intune using the following POST request: URL: https://graph.microsoft.com/beta/deviceManagement/deviceManagementScripts/%7Bid%7D/Assign

Body: { "deviceManagementScriptGroupAssignments": [ { "@odata.type": "#microsoft.graph.deviceManagementScriptGroupAssignment", "id": "{ScriptId:GroupId}", "targetGroupId": "{GroupId}" } ], "deviceManagementScriptAssignments": [ { "@odata.type": "#microsoft.graph.deviceManagementScriptAssignment", "id": "{ScriptID:DeviceID}", "target": { "@odata.type": "#microsoft.graph.allDevicesAssignmentTarget", "deviceAndAppManagementAssignmentFilterId": null, "deviceAndAppManagementAssignmentFilterType": "none" } } ] }

However, I am getting a 400 error with the following message:

"{ "_version": 3, "Message": "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: 615c3437-bd99-2193-9d4b-d9a61deb0340 - Url: https://fef.amsua0102.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/deviceManagementScripts('{id}')/microsoft.management.services.api.assign?api-version=5022-11-08", "CustomApiErrorPhrase": "", "RetryAfter": null, "ErrorSourceService": "", "HttpHeaders": "{}"}"

I base on this document of Microsoft https://learn.microsoft.com/en-us/graph/api/intune-shared-devicemanagementscript-assign?view=graph-rest-beta

1 answers

solution1
 0  2023-01-25 07:49:36

I tried to reproduce the same in my environment.

Received the same error:

{
    "error": {
        "code": "UnknownError",
        "message": "{\"ErrorCode\":\"Forbidden\",\"Message\":\"{\\  \\\"_version\\\": 3,\\  \\\"Message\\\": \\\"An error has occurred - Operation ID (for customer support): xxxx –

}

在此处输入图像描述

When I followed the url in the error and queried, I got that the api version is not supported.

在此处输入图像描述

Make sure the authorization header is given with bearer token which has proper permissions to work with intune and device management

在此处输入图像描述

Omit the parameter @odata.type in the post request body.

{
    "@odata.type": "#microsoft.graph.deviceManagementScript",
    …
    "runAs32Bit": true
}

在此处输入图像描述

Make sure you have DeviceManagementConfiguration.ReadWrite.All Application and delegated permissions.

在此处输入图像描述

Note that Intune requires an active Intune license for the tenant.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Config Azure application proxy using the graph API Unable to create new group inside Administrative Unit using Graph API "User not found" for Graph API request in the Azure enterprise app security group with client credentials auth flow How to using Azure Board to trigger a API call or script Send email using Microsoft Graph API from shared mailbox using azure logic app MemberOf in Graph Me api azure AD Blazor WASM using Azure AD B2C fails calling Microsoft.Graph api graph api for retire device has incorrect spelling for permissions Azure AD Graph API issue: Specified $skiptoken is invalid Unauthorised application able to get the access of users in Azure Graph API
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM