Hi @Kjetil Hagen
You can certainly add devices through PowerShell. Please refer to this article:
https://learn.microsoft.com/en-us/powershell/module/azuread/add-azureaddeviceregistereduser?view=azureadps-2.0
Scenario 1: You have the Azure AD Object IDs for the devices.
In this case, we can directly make use of the Add-AzureADGroupMember cmdlet that adds a member to a group.
    Add-AzureADGroupMember -ObjectId "62438306-7c37-4638-a72d-0ee8d9217680" -RefObjectId "0a1068c0-dbb6-4537-9db3-b48f3e31dd76"
For more information on Add-AzureADGroupMember, please visit this link.
Scenario 2: You do not have their AAD Object IDs. Instead you have the device names and their Azure AD Device IDs. In this case, we will first try to get the Object IDs for each device so that we can use the Add-AzureADGroupMember cmdlet.
To proceed, let's create a CSV file named DevicesToAdd.csv which has two columns with headers in the below format:
    DeviceName,azureADDeviceId
    james-laptop,2bb27401-6b71-4c43-8b1d-ccd81e4f6623
    James-surface,46d6c1fe-c099-420a-994e-d3f0db447983
Copy the below script:
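    # Display name of the Azure AD group that will receive the devices
    $groupName = "myAADGroupName"
    try {
        $deviceList = Import-Csv -Path "D:\DevicesToAdd.csv" -ErrorAction Stop
        Connect-AzureAD
        # -SearchString can match more than one group; require exactly one
        $groupObj = @(Get-AzureADGroup -SearchString $groupName)
        if ($groupObj.Count -ne 1) {
            throw "Expected exactly one group matching '$groupName', found $($groupObj.Count)"
        }
        foreach ($device in $deviceList) {
            # Look up by name; several devices can share a display name
            $deviceObj = Get-AzureADDevice -SearchString $device.DeviceName
            if ($null -ne $deviceObj) {
                foreach ($dev in $deviceObj) {
                    # Only add the device whose device ID matches the CSV row
                    if ($dev.DeviceId -eq $device.azureADDeviceId) {
                        try {
                            Add-AzureADGroupMember -ObjectId $groupObj[0].ObjectId -RefObjectId $dev.ObjectId
                        }
                        catch {
                            # Report the failure instead of silently skipping the device
                            Write-Host "Failed to add $($device.DeviceName): $_"
                        }
                    }
                }
            }
            else {
                Write-Host "No device found:$($device.DeviceName)"
            }
        }
    }
    catch {
        # Write-Host has no -Message parameter; pass the error record positionally
        Write-Host $_
    }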
Script explanation:
i. The script creates a variable $groupName which stores the AAD group name.
ii. The variable $deviceList contains all the devices from the csv file.
iii. Connect-AzureAD connects you to the Azure Active Directory.
iv. It gets the details of the group so that its object ID can be used later.
v. For each device in the list, the script calls the Get-AzureADDevice cmdlet to get the device details. However, duplicate device names or display names can exist. So, it checks for the specific device in your list by comparing the device ID.
vi. Upon successful comparison, the right device is added to the group using its ObjectID with the help of the Add-AzureADGroupMember cmdlet.
I do hope this answers your question.
Thanks.
--If the reply is helpful, please Upvote and Accept as answer--
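
A dry-run check for Scenario 2, added here as an example and not part of the original answer: it resolves each CSV row to exactly one ObjectId and flags malformed, duplicate, missing or ambiguous rows before any group membership is changed. `Resolve-DeviceRow`, its `-Lookup` parameter, the `kiosk-01` row and the stand-in directory objects are constructed for illustration.

```powershell
# Added example. Resolve-DeviceRow and -Lookup are hypothetical names; nothing is written to Azure AD.
function Resolve-DeviceRow {
    param(
        [Parameter(Mandatory)] [object[]] $Rows,
        # Returns directory devices for a display name. Against a tenant this would be:
        # { param($n) Get-AzureADDevice -SearchString $n }
        [Parameter(Mandatory)] [scriptblock] $Lookup
    )
    $seen = @{}
    foreach ($row in $Rows) {
        $parsed = [guid]::Empty; $status = 'Resolved'; $objectId = $null
        if (-not [guid]::TryParse($row.azureADDeviceId, [ref]$parsed)) {
            $status = 'InvalidDeviceId'      # typo or wrong column in the CSV
        }
        elseif ($seen.ContainsKey($parsed.ToString())) {
            $status = 'DuplicateRow'         # same device listed twice
        }
        else {
            $seen[$parsed.ToString()] = $true
            # A name search can return several devices, so match the device ID exactly.
            $hits = @(& $Lookup $row.DeviceName | Where-Object { $_.DeviceId -eq $parsed.ToString() })
            if ($hits.Count -eq 1) { $objectId = $hits[0].ObjectId }
            elseif ($hits.Count -eq 0) { $status = 'NotFound' }
            else { $status = 'Ambiguous' }
        }
        [pscustomobject]@{
            DeviceName = $row.DeviceName
            DeviceId   = $row.azureADDeviceId
            ObjectId   = $objectId
            Status     = $status
        }
    }
}
# Constructed sample input: the two CSV rows from the answer plus one malformed row.
$rows = @'
DeviceName,azureADDeviceId
james-laptop,2bb27401-6b71-4c43-8b1d-ccd81e4f6623
James-surface,46d6c1fe-c099-420a-994e-d3f0db447983
kiosk-01,not-a-guid
'@ | ConvertFrom-Csv
# Constructed stand-in for the directory: two devices share the name james-laptop.
$directory = @(
    [pscustomobject]@{ DisplayName = 'james-laptop'; DeviceId = '2bb27401-6b71-4c43-8b1d-ccd81e4f6623'; ObjectId = '00000000-0000-0000-0000-000000000001' }
    [pscustomobject]@{ DisplayName = 'james-laptop'; DeviceId = '11111111-1111-1111-1111-111111111111'; ObjectId = '00000000-0000-0000-0000-000000000002' }
)
Resolve-DeviceRow -Rows $rows -Lookup { param($n) $directory | Where-Object DisplayName -eq $n } | Format-Table -AutoSize
```

Only rows whose Status is Resolved carry an ObjectId suitable for Add-AzureADGroupMember; the remaining rows are the ones to review by hand before the group is modified.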