Azure active directory Azure Active Directory:如何检查设备成员资格?
我试图找到一种方法来显示Intune设备所属的所有组。为了我的生命,我找不到这个函数。我在Intune刀片下看不到此功能,Azure Active Directory刀片下也看不到此功能。是否有其他方式查看设备的组成员身份 PS:设备通过Intune进行管理,Azure AD仅加入 试图通过Microsoft和Powershell查找信息 获取AzureAddeDeviceMembership不存在Azure active directory Azure Active Directory:如何检查设备成员资格?,azure-active-directory,intune,Azure Active Directory,Intune,我试图找到一种方法来显示Intune设备所属的所有组。为了我的生命,我找不到这个函数。我在Intune刀片下看不到此功能,Azure Active Directory刀片下也看不到此功能。是否有其他方式查看设备的组成员身份 PS:设备通过Intune进行管理,Azure AD仅加入 试图通过Microsoft和Powershell查找信息 获取AzureAddeDeviceMembership不存在 我希望输出能够显示AAD设备所属的组。我也遇到了同样的问题,我很惊讶Get-AzureADDev
我希望输出能够显示AAD设备所属的组。我也遇到了同样的问题,我很惊讶Get-AzureADDeviceMembership cmdlet不存在 我将此作为一种解决方法:
Get-AzureADGroup -All 1 | ? {"COMPUTER_DISPLAY_NAME" -in (Get-AzureADGroupMember -ObjectId $_.ObjectId).DisplayName}
function Get-AzureADDeviceMembership{
[CmdletBinding()]
Param(
[string]$ComputerDisplayname,
[switch]$UseCache
)
if(-not $Global:AzureAdGroupsWithMembers -or -not $UseCache){
write-host "refreshing cache"
$Global:AzureAdGroupsWithMembers = Get-AzureADGroup -All 1 | % {
$members = Get-AzureADGroupMember -ObjectId $_.ObjectId
$_ | Add-Member -MemberType NoteProperty -Name Members -Value $members
$_
}
}
$Global:AzureAdGroupsWithMembers | % {
if($ComputerDisplayname -in ($_.Members | select -ExpandProperty DisplayName)){
$_
}
} | select -Unique
}
Connect-AzureAD
Get-AzureADDeviceMembership -ComputerDisplayname "COMPUTER_DISPLAY_NAME" -UseCache
function Get-AzureADDeviceMembership{
[CmdletBinding()]
Param(
[string]$ComputerDisplayname,
[switch]$UseCache
)
if(-not $Global:AzureAdGroupsWithMembers -or -not $UseCache){
write-host "refreshing cache"
$Global:AzureAdGroupsWithMembers = Get-AzureADGroup -All 1 | % {
$members = Get-AzureADGroupMember -ObjectId $_.ObjectId
$_ | Add-Member -MemberType NoteProperty -Name Members -Value $members
$_
}
}
$Global:AzureAdGroupsWithMembers | % {
if($ComputerDisplayname -in ($_.Members | select -ExpandProperty DisplayName)){
$_
}
} | select -Unique
}
Connect-AzureAD
Get-AzureADDeviceMembership -ComputerDisplayname "COMPUTER_DISPLAY_NAME" -UseCache
我也有同样的问题,我很惊讶Get-AzureADDeviceMembership cmdlet不存在 我将此作为一种解决方法:
Get-AzureADGroup -All 1 | ? {"COMPUTER_DISPLAY_NAME" -in (Get-AzureADGroupMember -ObjectId $_.ObjectId).DisplayName}
function Get-AzureADDeviceMembership{
[CmdletBinding()]
Param(
[string]$ComputerDisplayname,
[switch]$UseCache
)
if(-not $Global:AzureAdGroupsWithMembers -or -not $UseCache){
write-host "refreshing cache"
$Global:AzureAdGroupsWithMembers = Get-AzureADGroup -All 1 | % {
$members = Get-AzureADGroupMember -ObjectId $_.ObjectId
$_ | Add-Member -MemberType NoteProperty -Name Members -Value $members
$_
}
}
$Global:AzureAdGroupsWithMembers | % {
if($ComputerDisplayname -in ($_.Members | select -ExpandProperty DisplayName)){
$_
}
} | select -Unique
}
Connect-AzureAD
Get-AzureADDeviceMembership -ComputerDisplayname "COMPUTER_DISPLAY_NAME" -UseCache
function Get-AzureADDeviceMembership{
[CmdletBinding()]
Param(
[string]$ComputerDisplayname,
[switch]$UseCache
)
if(-not $Global:AzureAdGroupsWithMembers -or -not $UseCache){
write-host "refreshing cache"
$Global:AzureAdGroupsWithMembers = Get-AzureADGroup -All 1 | % {
$members = Get-AzureADGroupMember -ObjectId $_.ObjectId
$_ | Add-Member -MemberType NoteProperty -Name Members -Value $members
$_
}
}
$Global:AzureAdGroupsWithMembers | % {
if($ComputerDisplayname -in ($_.Members | select -ExpandProperty DisplayName)){
$_
}
} | select -Unique
}
Connect-AzureAD
Get-AzureADDeviceMembership -ComputerDisplayname "COMPUTER_DISPLAY_NAME" -UseCache
要添加到Gerrit的答案中,请使用
-Filter-groupTypes/any(c:c+ne+'Unified')Get-AzureADGroup-Filter-groupTypes/any(c:c+ne+'Unified')Get-AzureADGroup