How to assign all users to a compliance policy

Question

Im trying to assign the "all users" group in graph explorer but get this error:

{
    "error": {
        "code": "BadRequest",
        "message": "Unsupported @odata.type value: please do not provide a metadata document URI.",
        "innerError": {
            "date": "2023-10-13T06:40:35",
            "request-id": "373b91f0-3fb7-4235-aeff-94512a78575b",
            "client-request-id": "31b53b35-fc2c-e029-79a6-cec1ff6bc44f"
        }
    }
}

This is the url:

https://graph.microsoft.com/beta/deviceManagement/deviceCompliancePolicies/{deviceCompliancePolicy-id}/assignments/

This is the body:

{
    "@odata.type": "#microsoft.graph.deviceCompliancePolicyAssignment",
    "target": {
        "@odata.type": "microsoft.graph.#microsoft.graph.allLicensedUsersAssignmentTarget",
        "deviceAndAppManagementAssignmentFilterId": null,
        "deviceAndAppManagementAssignmentFilterType": "none"
    },
    "source": "direct",
    "sourceId": "{deviceCompliancePolicy-id}"
}

Answer

I figured it out.

$uri = "https://graph.microsoft.com/v1.0/deviceManagement/deviceCompliancePolicies/$($DefaultCompliancePolicy.Id)/assign"
$json = '
{
    "assignments": [
        {
            "target": {
                "@odata.type": "#microsoft.graph.allLicensedUsersAssignmentTarget"
            }
        }
    ]
}
'

Invoke-MgGraphRequest -Uri $uri -Method POST -Body $json

Share via

How to assign all users to a compliance policy

1 answer