Changing primary user of a device in Intune

Question

Hello All,

I ran into issues where our Technicians who reimage and deploy laptop/workstations to our users gets assigned as Primary user on the device. Right now, We have about less than 1000 devices that doesn't have the proper Primary user in Intune. We are currently fixing this via manual effort by doing several click but I wanted to automate our process to be more efficient. So installed Microsoft Graph Powershell and ran the script below but I am getting an error message.

I am not sure what I am doing wrong as the script provided on Microsoft website doesn't have any examples or syntax. 

Script:

Connect-mgGraph
Update-MgDeviceManagementManagedDevice -manageddeviceid $deviceid -Users $userid

The value I have for the $deviceid is the Intune deviceid of the device while the value on the $userId is a UPN. I also tried using objectid of the user but I keep getting below error message. 

error:

Update-MgDeviceManagementManagedDevice : Cannot process argument transformation on parameter 'Users'. Cannot convert
value "[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser]Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser" to
type "Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser[]". Error: "Cannot convert the
"[Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser]Microsoft.Graph.PowerShell.Models.MicrosoftGraphUser" value of
type "System.String" to type "Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser"."
At line:1 char:101
+ ... 0895 -Users [Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser]$u ...
+                 ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidData: (:) [Update-MgDeviceManagementManagedDevice], ParameterBindingArgumentTrans
   formationException
    + FullyQualifiedErrorId : ParameterArgumentTransformationError,Update-MgDeviceManagementManagedDevice
I've been trying to find some references I can find about "Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser[] but I can't find anything. I am also not sure why it is trying to convert a string to "Microsoft.Graph.PowerShell.Models.IMicrosoftGraphUser[].
Any advise or help is much appreciated!
Thank You

Answer 1

@Jason, Thanks for the reply. For the "update-mgdevicemanagementManagedDevice." command, in the document, the -Users value is with type IMicrosoftGraphUser[].

https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.devicemanagement/update-mgdevicemanagementmanageddevice?view=graph-powershell-1.0

For this type, I find it is an object with many user properties.

https://learn.microsoft.com/en-us/dotnet/api/microsoft.azure.powershell.cmdlets.resources.msgraph.models.apiv10.imicrosoftgraphuser?view=az-ps-latest

I find the "get-mguser" return the same type.

https://learn.microsoft.com/en-us/powershell/module/microsoft.graph.users/get-mguser?view=graph-powershell-1.0

Then I consider to run the command with "get-mguser" as an input. However, if returns the BusinessPhones is not existing.

After investigating, I find the module calls Microsoft Graph REST API. In Microsoft Graph, a user resource type has BusinessPhones property (string collection). This is what Get-MgUser returns . But in IMicrosoftGraphUser Interface, the property name is "[BusinessPhone] (https://learn.microsoft.com/en-us/dotnet/api/microsoft.azure.powershell.cmdlets.resources.msgraph.models.apiv10.imicrosoftgraphuser.businessphone?view=az-ps-latest#microsoft-azure-powershell-cmdlets-resources-msgraph-models-apiv10-imicrosoftgraphuser-businessphone)" which causes the issue.

To fix, I suggest open case to Microsoft Entra ID support to see if we can change the user property from BusinessPhones to BusinessPhone to make it work.

https://learn.microsoft.com/en-us/entra/fundamentals/how-to-get-support

Or contact API support to see if the BusinessPhone property can be changed to BusinessPhones in IMicrosoftGraphUser Interface https://developer.microsoft.com/en-us/graph/support Thanks for your understanding.

Answer 2

@Jason, Thanks for posting in Q&A. From the information you provided, it seems the command "Update-MgDeviceManagementManagedDevice" is not working. After researching, I find a link has a script named "Win10_PrimaryUser_Set.ps1" which can be used to set primary user.

https://github.com/microsoftgraph/powershell-intune-samples/tree/master/ManagedDevices

Note: Non-Microsoft link, just for the reference.

Hope the above information can help.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. If you have extra questions about this answer, please click "Comment".

Note: Please follow the steps in our documentation to enable e-mail notifications if you want to receive the related email notification for this thread.

Answer 3

Maybe this'll be useful to somebody down the road when this cmdlet works. I wasn't able to find what property needs to be updated to update primary user, but at least this didn't give me an error message.

$testid = ((Get-ADComputer computer-name).objectguid).guid

$deviceid = (Get-MgDeviceManagementManagedDevice -filter "AzureADDeviceid eq '$testid'").id

$user = Get-MgUser -Filter "userprincipalname eq 'first.last@example.com'"

$params = @{
    UserDisplayName = $user.DisplayName
    UserEmail = $user.UserPrincipalName
    userid = $user.id
    UserPrincipalName = $user.UserPrincipalName
   }

Update-MgDeviceManagementManagedDevice -ManagedDeviceId $deviceid -BodyParameter $params