Get Azure AD Users with their Registered Devices using Powershell

by

In this post, I am going to share Powershell script to find and list devices that are registered by Azure AD users. We can use the Get-AzureADUserRegisteredDevice cmdlet to get the registered devices.

Before you start, run the below command to connect the Azure AD Powershell module.

Connect-AzureAD

The below command gets the devices that are registered to the specified user.

$user = Get-AzureADUser -SearchString "UserName"
Get-AzureADUserRegisteredDevice -ObjectId  $user.ObjectId -All $true

List registered devices of all Azure AD users:

To get a report of the device list for all Azure AD users, first, we need to get users by the Get-AzureADUser cmdlet and pipe the user list to the Get-AzureADUserRegisteredDevice cmdlet.

$Result=@()
$Users = Get-AzureADUser -All $true | Select UserPrincipalName,ObjectId
$Users | ForEach-Object {
$user = $_
Get-AzureADUserRegisteredDevice -ObjectId $user.ObjectId | ForEach-Object {
$Result += New-Object PSObject -property @{ 
DeviceOwner = $user.UserPrincipalName
DeviceName = $_.DisplayName
DeviceOSType = $_.DeviceOSType
ApproximateLastLogonTimeStamp = $_.ApproximateLastLogonTimeStamp
}
}
}
$Result | Select DeviceOwner,DeviceName,DeviceOSType,ApproximateLastLogonTimeStamp

Get registered devices for Bulk Users from CSV

Consider the CSV file “AzureADUsers.csv” (Download sample CSV) which holds the required users’ UPN in each row with the column header UserPrincipalName.

$Result=@()
#Read user details from the CSV file
$CSVRecords = Import-CSV "C:\Temp\AzureADUsers.csv"
 
#Iterate CSVRecords (users) and Get Registered Device for users one by one
ForEach($CSVRecord in $CSVRecords)
{
$UserUPN = $CSVRecord.'UserPrincipalName'
Get-AzureADUserRegisteredDevice -ObjectId $UserUPN | ForEach-Object {
$Result += New-Object PSObject -property @{ 
DeviceOwner = $UserUPN
DeviceName = $_.DisplayName
DeviceOSType = $_.DeviceOSType
ApproximateLastLogonTimeStamp = $_.ApproximateLastLogonTimeStamp
}
}
}
$Result | Select DeviceOwner,DeviceName,DeviceOSType,ApproximateLastLogonTimeStamp

Export Report to CSV file:

You can export the result to a CSV file using the command Export-CSV.

$Result | Export-CSV "C:\AzureADJoinedDevices.csv" -NoTypeInformation -Encoding UTF8

Related Posts

Advertisement

Leave a Comment