Share via

C# unable to enroll a device using graph

Guillaume Auger 1 Reputation point
2022-12-23T19:28:10.727+00:00

I have a powershell function that calss a C# function app to enroll a device in Autopilot. I can't get it to work. I quite sure the problem lies with the hardware identifier binary blob. I tried every string format but I always get the same error

Here's how the hardware identifier is retreived in powershell 

    $devDetail = (Get-CimInstance -CimSession $session -Namespace root/cimv2/mdm/dmmap -Class MDM_DevDetail_Ext01 -Filter "InstanceID='Ext' AND ParentID='./DevDetail'")  

    if ($devDetail -and (-not $Force))  

    {  

        $hash = $devDetail.DeviceHardwareData  

    }

then the hash is sent in the body of a HTTP call along with some other info

Here's the relevant part of the C# function 

        string requestBody = await new StreamReader(req.Body).ReadToEndAsync();  

        dynamic data = JsonConvert.DeserializeObject(requestBody);  

        string HI = data?.hardwareIdentifier;  

         

        var NouvelEquipement = new ImportedWindowsAutopilotDeviceIdentity {  

                GroupTag = req.Query["GroupTag"],  

                HardwareIdentifier = System.Text.Encoding.Unicode.GetBytes(HI),  

                SerialNumber = req.Query["SerialNumber"],  

                State = new ImportedWindowsAutopilotDeviceIdentityState {  

                    DeviceImportStatus = ImportedWindowsAutopilotDeviceIdentityImportStatus.Pending,  

                    DeviceErrorCode = 0,  

                    }  

        };  

     

        var retour = await graphClient.DeviceManagement.ImportedWindowsAutopilotDeviceIdentities  

        .Request()  

        .AddAsync(NouvelEquipement);

I get the following error

2022-12-23T18:07:27.944 [Error] Executed 'AjoutEquipement' (Failed, Id=xxxxxxx, Duration=4062ms)Code: InternalErrorMessage: {"_version": 3,"Message": "An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: xxxxxxxxxx - Url: https://fef.msua04.manage.microsoft.com/DeviceEnrollmentFE_2212/StatelessDeviceEnrollmentFEService/deviceManagement/importedWindowsAutopilotDeviceIdentities/microsoft.management.services.api.import?api-version=2021-01-22","CustomApiErrorPhrase": "","RetryAfter": null,"ErrorSourceService": "","HttpHeaders": "{}"}Inner error:AdditionalData:date: 2022-12-23T18:07:27request-id: xxxxxxxclient-request-id: xxxxxxxxxxxClientRequestId: xxxxxxxxxxx

Microsoft Security | Microsoft Graph
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Guillaume Auger 1 Reputation point
    2023-01-05T18:24:43.227+00:00

    The problem is so obvious now that I solved it ...

    The powershell line 

    $hash = $devDetail.DeviceHardwareData

    already provides a base64 encoded string of the hardware signature. So the only changes needed in the C# function were 

    byte[] HI = data?.hardwareIdentifier; //instead of string HI = data?.hardwareIdentifier; json provides direct conversion of base64 to byte array  
  
HardwareIdentifier = HI, // instead of System.Text.Encoding.Unicode.GetBytes(HI),

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.