Force Sync Devices to Intune using a PowerShell Script

  • Writer: Gareth Oxendine
  • Jul 20, 2024

Updated: Jun 27

Introduction

I love this script! It allows you to force multiple or all devices to sync with Intune simultaneously. Previously, you had to sync each device one-by-one using the Intune portal or ask the user to manually sync their device. With this script, syncing many devices takes only seconds! Check it out below!

Prerequisites

The script uses Microsoft Graph PowerShell cmdlets, so the following prerequisites are needed:


  1. Both you and your application (PowerShell) will need the following MgGraph scopes (permissions): DeviceManagementManagedDevices.PrivilegedOperations.All, DeviceManagementManagedDevices.ReadWrite.All, DeviceManagementManagedDevices.Read.All.

    1. Adding Permissions for You: a quick way to ensure you have the appropriate permissions is to assign yourself the Intune Administrator role.

    2. Adding Permissions for PowerShell: when you run the script for the first time, you will be prompted to provide consent; select Accept.

  2. Install the Microsoft.Graph.DeviceManagement module on the machine running the script. Use the following command to install it:

Install-Module Microsoft.Graph.DeviceManagement

The Script

Here is the script template. Before running it, though, you'll need to modify it. See the steps below.

Step 1: Choose the Device Properties for the Filter

A crucial part of the script is choosing which Intune devices to sync. You can create a filter for which devices to sync by using properties. For example, you can create a filter for devices based on the DeviceName and Model properties.


Before we look at the script, let's see what kind of device properties are returned when querying a device using the PowerShell command below (for privacy, I've either removed sensitive values or replaced them with hashtags #):

Get-MgDeviceManagementManagedDevice

The device properties are listed on the left with their example values on the right:

Now that we know which properties are available, we can use them to create and execute the script. Replace <insert device property> with the desired filter. For example, to sync all Windows devices, you would replace {<insert device property>} with {$_.OperatingSystem -eq "Windows"}.


Step 2: Run the Script

Once you've modified the script, it is ready to execute!

NOTE:

It may take up to 5 minutes for the device(s) to sync once you've run the script.

Below are some example scripts you can use:


Example A: Sync Devices by Their Name and Model

In the example below, the script will grab all devices that match a device name and match a specific model. If your company uses a naming convention, this script will be really useful.

Example B: Sync All Devices

In the example below, the script will try to sync every device in your Intune environment.
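
The filter-then-sync procedure from Steps 1 and 2, written out as an added example (this is not the author's original script). It adds a -WhatIf preview and per-device error reporting; the function name Invoke-IntuneDeviceSync, its -Filter parameter, and the sample name pattern and model in the usage lines are assumptions.

```powershell
# Added example, not the author's script. Invoke-IntuneDeviceSync and -Filter are hypothetical names.
# In current SDK releases Sync-MgDeviceManagementManagedDevice ships in
# Microsoft.Graph.DeviceManagement.Actions; install that module too if the cmdlet is not found.
function Invoke-IntuneDeviceSync {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        # Filter evaluated against each managed device, e.g. { $_.OperatingSystem -eq "Windows" }
        [Parameter(Mandatory)]
        [scriptblock] $Filter
    )

    # Request exactly the scopes listed in the prerequisites, nothing broader.
    Connect-MgGraph -Scopes @(
        'DeviceManagementManagedDevices.PrivilegedOperations.All'
        'DeviceManagementManagedDevices.ReadWrite.All'
        'DeviceManagementManagedDevices.Read.All'
    ) | Out-Null

    # -All pages through every managed device; the filter then narrows the set.
    $devices = @(Get-MgDeviceManagementManagedDevice -All | Where-Object -FilterScript $Filter)
    Write-Verbose "Filter matched $($devices.Count) device(s)."

    foreach ($device in $devices) {
        # One result row per device so the run leaves a record of what was touched.
        $result = [pscustomobject]@{
            DeviceName = $device.DeviceName
            Id         = $device.Id
            Status     = 'Skipped'
        }
        # With -WhatIf this block is skipped and the device is only listed.
        if ($PSCmdlet.ShouldProcess($device.DeviceName, 'Sync with Intune')) {
            try {
                Sync-MgDeviceManagementManagedDevice -ManagedDeviceId $device.Id -ErrorAction Stop
                $result.Status = 'SyncRequested'
            }
            catch {
                # Keep going: one failing device should not stop the rest of the batch.
                $result.Status = "Failed: $($_.Exception.Message)"
            }
        }
        $result
    }
}

# Example A (constructed name pattern and model): preview first, then run for real.
Invoke-IntuneDeviceSync -Filter { $_.DeviceName -like 'LAB-*' -and $_.Model -eq 'Latitude 5440' } -WhatIf
Invoke-IntuneDeviceSync -Filter { $_.DeviceName -like 'LAB-*' -and $_.Model -eq 'Latitude 5440' }

# Example B: every device in the tenant, with the results saved for later review.
Invoke-IntuneDeviceSync -Filter { $true } | Export-Csv -Path .\intune-sync.csv -NoTypeInformation
```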






Cover Image provided by Freepik.


© 2024 by DMTT. Powered and secured by Wix