Azure AD device group membership

Hello @AsAdmin ,

Unfortunately at this point we do not have a powershell cmdlet for the same. Me and one of my colleagues @AnuragSharma-MSFT worked together and tested the following script . This works and you will be able to get an output for all devices with objectID and the groups they are member of . This will exactly provide you the solution you needed.

Please make sure that you run this with global administrator privileges . Also you would require to install Microsoft Graph Powershell module before you can run this script . Please use the following cmdlet in order to install Microsoft Graph module on your machine. Please check the linked article for any issues with installation and minimum powershell versions .

Install-Module -Name Microsoft.Graph

Connect-Graph -Scopes "User.Read.All", "Group.ReadWrite.All", "Device.Read.All"  
$AllDevice = Invoke-GraphRequest - Uri "https://graph.microsoft.com/v1.0/devices/"  
    $devicecount = $AllDevice.value.Count  
    $graphurl = "https://graph.microsoft.com/v1.0/devices/"  
  
    $tempTable = New - Object System.Data.DataTable  
  
    $col1 = New-Object System.Data.DataColumn("Device Object Id")  
    $col2 = New-Object System.Data.DataColumn("Device Name")  
    $col3 = New-Object System.Data.DataColumn("Group Names")  
  
    $tempTable.columns.Add($col1)  
    $tempTable.columns.Add($col2)  
    $tempTable.columns.Add($col3)  
  
    $tempTable.Columns.Count  
  
    for ($i = 0; $i - le $devicecount - 1; $i += 1) {  
        $row = $tempTable.NewRow()  
  
            $url = -join($graphurl, $AllDevice.value[$i].id, "/memberOf")  
            $DeviceGroupMember = Invoke-GraphRequest - Uri $url  
            if ($DeviceGroupMember.value.displayName) {  
                $row["Device Object Id"] = $AllDevice.value[0].id  
                    $row["Device Name"] = $AllDevice.value[0].displayName  
                    $displayGrpcount = $DeviceGroupMember.value.displayName.Count  
  
                    if ($displayGrpcount - eq 1) {  
                        $row["Group Names"] = $DeviceGroupMember.value.displayName  
  
                    } else {  
                        $GroupName = ""  
                            for ($j = 0; $j - le $displayGrpcount - 1; $j += 1) {  
                                $GroupName = -join($GroupName, $DeviceGroupMember.value.displayName[$j], "; ")  
                            }  
                            $row["Group Names"] = $GroupName  
  
                    }  
  
            }  
            $tempTable.rows.Add($row)  
  
            $tempTable | export-csv -Path. \so.csv -NoTypeInformation  
    }  

The above scripts will provide an output like below.

Let us know if you have any other query . In case it helps , please do accept the answer so that it improves the answer relevancy and helps other members in the community searching for similar solutions.

Thank you .

Credits :- Table creation taken from Russ Maxwell's Blog .

----------------------------------------------------------------------------------------------------------------------------------------------------------

• Please don't forget to click on or upvote button whenever the information provided helps you. Original posters help the community find answers faster by identifying the correct answer. Here is how
• Want a reminder to come back and check responses? Here is how to subscribe to a notification
• If you are interested in joining the VM program and help shape the future of Q&A: Here is how you can be part of Q&A Volunteer Moderators