Share via

Enable Intune MDM scope - mobilityManagementPolicyId ?

Krupa Gundraju (Larsen & Toubro Infotech Limit) 126 Reputation points
2022-10-26T13:15:09.213+00:00

HI Team,

While enabling MDM user scope to all users using rest API, I could see that it requires some MobilityManagementPolicyId.

How to get this id so that we can invoke API using powershell?

reference: https://learn.microsoft.com/en-us/graph/api/mobiledevicemanagementpolicies-update?view=graph-rest-beta&tabs=http

Not Monitored
Not Monitored
Tag not monitored by Microsoft.
39,826 questions
0 comments

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Alfredo Revilla - Upwork Top Talent | IAM SWE SWA 27,461 Reputation points
    2022-10-26T22:29:07.75+00:00

    Hello @Krupa Gundraju (Larsen & Toubro Infotech Limit) and thanks for reaching out. To invoke the Update mobileDeviceManagementPolicy operation you will need to provide the id of a mobilityManagementPolicy object or resource. You can list available ones using the List mobileDeviceManagementPolicies operation.

    You can retrieve a list of policies using MS Graph PowerShell use the following script: 

       Select-MgProfile -Name "beta"  
   Connect-MgGraph -Scopes Policy.Read.All  
   Get-MgPolicyMobileDeviceManagementPolicy

    And update one passing the id property value as the MobilityManagementPolicyId param: 

       Select-MgProfile -Name "beta"  
   Connect-MgGraph -Scopes Policy.ReadWrite.MobilityManagement  
   Update-MgPolicyMobileDeviceManagementPolicy -MobilityManagementPolicyId {id} # follows additional parameters

    Let us know if you need additional assistance. If the answer was helpful, please accept it and complete the quality survey so that others can find a solution.

  2. Lu Dai-MSFT 28,421 Reputation points
    2022-10-27T01:56:32.1+00:00

    @Krupa Gundraju (Larsen & Toubro Infotech Limit) Thanks for posting in our Q&A.

    For this issue, I have done the test in my lab. When we run the following request URL in graph explorer, we will get two ids. One is "Device Management Policy for Microsoft Intune Enrollment", the other is "Device Management Policy for Microsoft Intune". 

    https://graph.microsoft.com/beta/policies/mobileDeviceManagementPolicies

    254534-image.png

    Please focus on "Device Management Policy for Microsoft Intune", it is the correct setting about Intune MDM scope.

    Hope it will help.

    If the answer is the right solution, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".
    Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.