forked from Seidlm/Microsoft-Graph-API-Examples
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Enable Lost Mode for Intune Device.ps1
58 lines (42 loc) · 1.61 KB
/
Enable Lost Mode for Intune Device.ps1
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
$clientID = "yourClientID"
$Clientsecret = "yourSecret"
$tenantID = "yourTenantID"
#Configure Device Properties
$UPN = "[email protected]"
#Connect to GRAPH API
$tokenBody = @{
Grant_Type = "client_credentials"
Scope = "https://graph.microsoft.com/.default"
Client_Id = $clientId
Client_Secret = $clientSecret
}
$tokenResponse = Invoke-RestMethod -Uri "https://login.microsoftonline.com/$tenantID/oauth2/v2.0/token" -Method POST -Body $tokenBody
$headers = @{
"Authorization" = "Bearer $($tokenResponse.access_token)"
"Content-type" = "application/json"
}
#Get User ID
$URLGetUser = "https://graph.microsoft.com/v1.0/users/$UPN"
$USER = Invoke-RestMethod -Method GET -Uri $URLGetUser -Headers $headers
#Get Managed Device from User
$UriGetDevices = "https://graph.microsoft.com/v1.0/users/$($User.id)/managedDevices"
$Devices = (Invoke-RestMethod -Method GET -Uri $UriGetDevices -Headers $headers).value
if (@($Devices).count -gt 0) {
foreach ($D in $Devices)
{
if ($D.operatingSystem -eq "iOS")
{
$URL="https://graph.microsoft.com/beta/deviceManagement/managedDevices/$($d.id)/enableLostMode"
$BodyJson = @"
{
"message": "Please Contact IT Support",
"phoneNumber": "+43 1111 1111111",
"footer": "Your IT"
}
"@
Invoke-RestMethod -Uri $URL -Method POST -header $headers -body $BodyJson
}
}
}
#$URL="https://graph.microsoft.com/v1.0/deviceManagement/managedDevices/$($d.id)/disableLostMode"
#Invoke-RestMethod -Uri $URL -Method POST -header $authHeader