Unable to Disable mobile device using Automation Account

Question

Unable to Disable mobile device using Automation Account

Amol Pawar 21

We get an error “SetDevice Code: Request_BadRequest Message: Properties other than ExtendedAttribute1..15 can be modified only on windows devices”. Here is the script that we are using:

$dev = Get-AzureADDevice -All:$true | Where {$_.AccountEnabled -eq $true}

foreach ($d in $dev) {

Set-AzureADDevice -ObjectId $d.ObjectId -AccountEnabled $false

}

Even though this returns error, but it still disables the Windows devices and however does not disable mobile devices.

Also, one thing to note is, we can remove the devices using Remove-AzureADDevice using Automation.

The same scripts is running fine without error on Windows Powershell.

bharathn-msft 5,126 Reputation points Microsoft Employee Moderator

2021-10-08T20:58:18.007+00:00

@Amol Pawar Our apologies for delayed response on this thread. Checking in to see if you are already working with our Azure support team regarding this issue ? Came across a similar escalation so wanted to make sure you have been helped already.
bharathn-msft 5,126 Reputation points Microsoft Employee Moderator

2021-10-12T16:20:43.127+00:00

@Amol Pawar - Checking in to see if you had a chance to review the above information and confirm that you have worked with our support team for resolution. From the similar case notes I could find below information , which I thought would help our community members having similar issue.

If you are performing an app-only auth, which results the above error. Which is by design.
However to modify the attributes, you need to use PowerShell or perform a User auth to acquire a token.

Hope the above information helps for other community members facing this issue. Thank you

2 answers

Your answer

bharathn-msft 5,126 Reputation points Microsoft Employee Moderator

2021-10-08T20:58:18.007+00:00

@Amol Pawar Our apologies for delayed response on this thread. Checking in to see if you are already working with our Azure support team regarding this issue ? Came across a similar escalation so wanted to make sure you have been helped already.
bharathn-msft 5,126 Reputation points Microsoft Employee Moderator

2021-10-12T16:20:43.127+00:00

@Amol Pawar - Checking in to see if you had a chance to review the above information and confirm that you have worked with our support team for resolution. From the similar case notes I could find below information , which I thought would help our community members having similar issue.

If you are performing an app-only auth, which results the above error. Which is by design.
However to modify the attributes, you need to use PowerShell or perform a User auth to acquire a token.

Hope the above information helps for other community members facing this issue. Thank you

Answer 1

<<Converting the information from comments to here for broader community usage>>

Thank you @Amol Pawar for your query.

Came across a similar case notes I could find below information , which I thought would help our community members having similar issue. So sharing it here.

If you are performing an app-only auth, which results the above error. Which is by design.
However to modify the attributes, you need to use PowerShell or perform a User auth to acquire a token.

Hope the above information helps for other community members facing this issue. Thank you

Answer 2

Dennis 1

is that a bug or is that "by design" and we cannot use app-permissions to disable devices?

Share via

Unable to Disable mobile device using Automation Account

2 answers

Your answer