Share via

manageddevice

Ridtha Tessalee 0 Reputation points
2023-02-10T03:13:56.4666667+00:00

Copied from https://github.com/microsoftgraph/microsoft-graph-docs/issues/20196

First, Is it by design that it will returns ALL results if $filter= is not defined? 

https://graph.microsoft.com/v1.0/users?$filter=
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$filter=

Both of these commands will return all results.

Second, Regarding ManagedDevice (new INTUNE API), filter is really bad.
Specifying something into the $filter=VALUE eq 'key' will returns the key result. But if the 'key' is Empty it will return ALL results.
When comparing to the /users?$filter=Value eq 'key' will returns error
For example
https://graph.microsoft.com/v1.0/users?$filter=userPrincipalName eq '******@yr8ck.onmicrosoft.com' will returns Adele profile
`{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users",
    "value": [
        {
            "businessPhones": [
                "+1 425 555 0109"
            ],
            "displayName": "Adele Vance",
            "givenName": "Adele",
            "jobTitle": "Retail Manager",
            "mail": "******@yr8ck.onmicrosoft.com",
            "mobilePhone": null,
            "officeLocation": "18/2111",
            "preferredLanguage": "en-US",
            "surname": "Vance",
            "userPrincipalName": "******@yr8ck.onmicrosoft.com",
            "id": "8a7bb227-03b8-4533-b9bd-69cb29dd7bb2"
        }
    ]
}`

https://graph.microsoft.com/v1.0/users?$filter=userPrincipalName eq '******@yr8ck.onmicrosoft.com' will return nothing
`{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#users",
    "value": []
}`

https://graph.microsoft.com/v1.0/users?$filter=displayName eq '' Will returns error
    "error": {
        "code": "Request_UnsupportedQuery",
        "message": "Unsupported or invalid query filter clause specified for property 'userPrincipalName' of resource 'User'.",
        "innerError": {
            "date": "2023-02-10T02:51:45",
            "request-id": "f2808430-072c-4531-b4a1-45c933c8b97f",
            "client-request-id": "c6de0463-9b4a-d874-905c-a362a18d11c8"
        }
    }
}`

Meanwhile
https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$filter=userprincipalname eq '******@yr8ck.onmicrosoft.com' will return 1 device.
`{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceManagement/managedDevices",
    "@odata.count": 1,
    "value": [
        {
            "id": "##########################",
            "userId": "f8550532-da4b-4f34-906a-6c7b7c20dde6",
            "deviceName": "iPad (3)",
            "managedDeviceOwnerType": "company",
            "enrolledDateTime": "2023-02-10T01:37:29Z",
            "lastSyncDateTime": "2023-02-10T02:34:09Z",
            "operatingSystem": "iOS",
            "complianceState": "compliant",
            "jailBroken": "False",
            "managementAgent": "mdm",
            "osVersion": "16.2",
            "easActivated": false,
            "easDeviceId": "6T2PLMNB2D7M1CO60345SNMA88",
            "easActivationDateTime": "0001-01-01T00:00:00Z",
            "azureADRegistered": null,
            "deviceEnrollmentType": "deviceEnrollmentManager",
            "activationLockBypassCode": null,
            "emailAddress": "******@yr8ck.onmicrosoft.com",
            "azureADDeviceId": "9e3490a3-47e9-46dc-b1b6-06a786dd605f",
            "deviceRegistrationState": "registered",
            "deviceCategoryDisplayName": "Unknown",
            "isSupervised": false,
            "exchangeLastSuccessfulSyncDateTime": "0001-01-01T00:00:00Z",
            "exchangeAccessState": "none",
            "exchangeAccessStateReason": "none",
            "remoteAssistanceSessionUrl": null,
            "remoteAssistanceSessionErrorDetails": null,
            "isEncrypted": true,
            "userPrincipalName": "******@yr8ck.onmicrosoft.com",
            "model": "iPad Pro",
            "manufacturer": "Apple",
            "imei": "Provisioning:##########################",
            "complianceGracePeriodExpirationDateTime": "9999-12-31T23:59:59Z",
            "serialNumber": "##########################",
            "phoneNumber": "",
            "androidSecurityPatchLevel": "",
            "userDisplayName": "Adele Vance",
            "configurationManagerClientEnabledFeatures": null,
            "wiFiMacAddress": "##########################",
            "deviceHealthAttestationState": null,
            "subscriberCarrier": "iPad",
            "meid": "",
            "totalStorageSpaceInBytes": 137438953472,
            "freeStorageSpaceInBytes": 108551733248,
            "managedDeviceName": "AdeleV_IPad_2/10/2023_1:37 AM",
            "partnerReportedThreatState": "unknown",
            "requireUserEnrollmentApproval": null,
            "managementCertificateExpirationDate": "2024-02-08T02:15:29Z",
            "iccid": null,
            "udid": null,
            "notes": null,
            "ethernetMacAddress": null,
            "physicalMemoryInBytes": 0,
            "deviceActionResults": []
        }
    ]
}`

https://graph.microsoft.com/v1.0/users?$filter=userPrincipalName eq '******@yr8ck.onmicrosoft.com' will return 0 device (no result)
`{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceManagement/managedDevices",
    "@odata.count": 0,
    "value": []
}`

https://graph.microsoft.com/v1.0/deviceManagement/managedDevices?$filter=userprincipalname eq '' will return ALL devices. (I only have 1 device in the tenant)
`{
    "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#deviceManagement/managedDevices",
    "@odata.count": 1,
    "value": [
        {
            "id": "##########################",
            "userId": "f8550532-da4b-4f34-906a-6c7b7c20dde6",
            "deviceName": "iPad (3)",
            "managedDeviceOwnerType": "company",
            "enrolledDateTime": "2023-02-10T01:37:29Z",
            "lastSyncDateTime": "2023-02-10T02:34:09Z",
            "operatingSystem": "iOS",
            "complianceState": "compliant",
            "jailBroken": "False",
            "managementAgent": "mdm",
            "osVersion": "16.2",
            "easActivated": false,
            "easDeviceId": "6T2PLMNB2D7M1CO60345SNMA88",
            "easActivationDateTime": "0001-01-01T00:00:00Z",
            "azureADRegistered": null,
            "deviceEnrollmentType": "deviceEnrollmentManager",
            "activationLockBypassCode": null,
            "emailAddress": "******@yr8ck.onmicrosoft.com",
            "azureADDeviceId": "9e3490a3-47e9-46dc-b1b6-06a786dd605f",
            "deviceRegistrationState": "registered",
            "deviceCategoryDisplayName": "Unknown",
            "isSupervised": false,
            "exchangeLastSuccessfulSyncDateTime": "0001-01-01T00:00:00Z",
            "exchangeAccessState": "none",
            "exchangeAccessStateReason": "none",
            "remoteAssistanceSessionUrl": null,
            "remoteAssistanceSessionErrorDetails": null,
            "isEncrypted": true,
            "userPrincipalName": "******@yr8ck.onmicrosoft.com",
            "model": "iPad Pro",
            "manufacturer": "Apple",
            "imei": "Provisioning:##########################",
            "complianceGracePeriodExpirationDateTime": "9999-12-31T23:59:59Z",
            "serialNumber": "##########################",
            "phoneNumber": "",
            "androidSecurityPatchLevel": "",
            "userDisplayName": "Adele Vance",
            "configurationManagerClientEnabledFeatures": null,
            "wiFiMacAddress": "##########################",
            "deviceHealthAttestationState": null,
            "subscriberCarrier": "iPad",
            "meid": "",
            "totalStorageSpaceInBytes": 137438953472,
            "freeStorageSpaceInBytes": 108551733248,
            "managedDeviceName": "AdeleV0_IPad_2/10/2023_1:37 AM",
            "partnerReportedThreatState": "unknown",
            "requireUserEnrollmentApproval": null,
            "managementCertificateExpirationDate": "2024-02-08T02:15:29Z",
            "iccid": null,
            "udid": null,
            "notes": null,
            "ethernetMacAddress": null,
            "physicalMemoryInBytes": 0,
            "deviceActionResults": []
        }
    ]
}`

This makes no sense to me how the same $filter= on USERS and MANAGEDDEVICES can be so different
To noted, I have read multiple other reports with similar issues and so far no resolution has been proposed. I'm hoping my example can shade more lights to the ongoing filtering issue
Microsoft Security Microsoft Graph
0 comments

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2023-03-21T14:26:48.7766667+00:00

    Hello Ridtha Tessalee,

    Thanks for reaching out!

    It is an expected behavior that the endpoint ends with ?$filter= will always return all of the results.

    Usually, empty array in the response is coming if the user is not present in the same tenant. Please check from admin center if the user exists in the same tenant or not.

    If the resource property supports filter OData query parameter, then by adding the property in filter query will give the desired results. Please refer to the documentation on how use the filter query parameter in Microsoft Graph API.

    Some of the properties support $filter only with advanced queries. See the specific resource documentation for details.

    Hope this helps.

    If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have further questions about this answer, please click "Comment".

    0 comments

Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.