Graph API Retire Device

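I am trying to retire devices that exist in Endpoint Manager using the Graph API and PowerShell. I have been following the Microsoft documentation found here (https://docs.microsoft.com/en-us/graph/api/intune-devices-manageddevice-retire?view=graph-rest-1.0), but keep running into the same vague error. Using PowerShell, I am running the following command: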

$Params = @{
    Uri = "https://graph.microsoft.com/v1.0/deviceManagement/managedDevices/$Id/retire"
    Method = 'Post'
    Headers = @{
        Authorization = "Bearer $Token"
    }
    ErrorAction = 'Stop'
    ContentType = 'application/json'
}
Invoke-RestMethod @Params

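The $Id variable in the Uri is the ID of the device (the id field, not deviceId). I have also tried the following Uri, per the example in the documentation: https://graph.microsoft.com/v1.0/users/$userId/managedDevices/$Id/retire. That produced a different error.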

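One thing to note is that in Azure we have the application permission enabled for DeviceManagementManagedDevices.PrivilegedOperations.All, but the documentation says it should be DeviceManagementManagedDevices.PrivilegedOperation.All (no S after Operation). We are not sure whether that is a typo, but we are not able to grant DeviceManagementManagedDevices.PrivilegedOperation.All.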

Permissions

Here is the error message for the first API call, the one without users, with x's over the ID:

Invoke-RestMethod: {"error":{"code":"ResourceNotFound","message":"{\r\n  \"_version\": 3,\r\n  \"Message\": \"An error has occurred - Operation ID (for customer support): 00000000-0000-0000-0000-000000000000 - Activity ID: db8fd35f-8bb9-4f36-ac0e-1427d1f95f7f - Url: https://fef.msua04.manage.microsoft.com/DeviceFE/StatelessDeviceFEService/deviceManagement/managedDevices%28%27xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxx%xx%xx/microsoft.management.services.api.remoteLock?api-version=2021-04-07\",\r\n  \"CustomApiErrorPhrase\": \"\",\r\n  \"RetryAfter\": null,\r\n  \"ErrorSourceService\": \"\",\r\n  \"HttpHeaders\": \"{}\"\r\n}","innerError":{"date":"2022-05-10T21:18:50","request-id":"db8fd35f-8bb9-4f36-ac0e-1427d1f95f7f","client-request-id":"db8fd35f-8bb9-4f36-ac0e-1427d1f95f7f"}}}

The error message for the second call, with Users in the Uri, is:

Invoke-RestMethod: {"error":{"code":"No method match route template","message":"No OData route exists that match template ~/entityset/key/navigation/key/action with http verb POST for request /DeviceFE/StatelessDeviceFEService/users('xxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxx')/managedDevices('xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx')/microsoft.management.services.api.retire.","innerError":{"date":"2022-05-10T20:48:21","request-id":"335505da-6996-4aff-a084-ff5ea780c285","client-request-id":"335505da-6996-4aff-a084-ff5ea780c285"}}}

Any help would be greatly appreciated. Thanks!

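We determined that we were using the incorrect ID. We were originally using the Id field from the Uri https://graph.microsoft.com/v1.0/users/$email/ownedDevices, which returned the incorrect Id. We should have been using the ID from https://graph.microsoft.com/v1.0/users/$email/managedDevices all along. Using that ID with the retire command was successful.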
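
The fix described in the answer, as an added example that is not part of the original post: it reads the device ID from the user's managedDevices collection rather than ownedDevices, then calls retire with it. The function name, its parameters and the match on deviceName are assumptions made for illustration, and $Token is assumed to have been acquired beforehand.

```powershell
# Added example. Function name, parameters and the deviceName match are assumptions.
function Invoke-ManagedDeviceRetire {
    [CmdletBinding(SupportsShouldProcess, ConfirmImpact = 'High')]
    param(
        [Parameter(Mandatory)] [string] $Token,      # bearer token acquired elsewhere
        [Parameter(Mandatory)] [string] $UserEmail,
        [Parameter(Mandatory)] [string] $DeviceName
    )
    $headers = @{ Authorization = "Bearer $Token" }
    $base    = 'https://graph.microsoft.com/v1.0'

    # Read the Intune objects (managedDevices), not the directory objects
    # (ownedDevices): the id values of the two are different GUIDs.
    $uri     = "$base/users/$([uri]::EscapeDataString($UserEmail))/managedDevices"
    $devices = @()
    while ($uri) {
        $page     = Invoke-RestMethod -Uri $uri -Headers $headers -Method Get -ErrorAction Stop
        $devices += $page.value
        $uri      = $page.'@odata.nextLink'   # follow paging until exhausted
    }

    # Refuse to act unless exactly one device matches, so the wrong
    # device is never retired because of a duplicate or missing name.
    $found = @($devices | Where-Object { $_.deviceName -eq $DeviceName })
    if ($found.Count -ne 1) {
        throw "Expected one managed device named '$DeviceName' for $UserEmail, found $($found.Count)."
    }
    $device = $found[0]

    # Retire is destructive, so it goes through ShouldProcess (-WhatIf / -Confirm).
    if ($PSCmdlet.ShouldProcess("$($device.deviceName) [$($device.id)]", 'Retire')) {
        $retire = @{
            Uri         = "$base/deviceManagement/managedDevices/$($device.id)/retire"
            Method      = 'Post'
            Headers     = $headers
            ErrorAction = 'Stop'
        }
        Invoke-RestMethod @retire | Out-Null
        $device.id   # emit the id that was retired, for logging
    }
}
```

Running it with -WhatIf prints the device name and managedDevice id that would be retired without sending the POST.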