In this post, we will use a PowerShell script that uses the AzureAD PowerShell module to list all the registered devices (phones, computers, etc) in the organisation with the OS type, last logon time and the display name of each device.
In the previous articles, we discussed which Azure AD PowerShell module is recommended to use and based on that we are using the AzureAD module.
Devices
By default, when an Azure AD user signs into any device (phone, computer, etc.), their device get registered in Azure Active Directory regardless if the device is domain joined or not.
Using the following Get-AzureADDevice command we can list all the devices that are currently registered in Azure AD.
Get-AzureADDevice You can check a specific device by using the device’s objectid with the following command.
Get-AzureADDevice -ObjectId ddsf-b4b4-4vbvbcb9-69-064a480 | flBoth commands are good; however, the first one gives limited information, and the second is limited to one device.
List All Devices with Detailed Information
To overcome the limitations of the above commands, we can use the following PowerShell script, which will list all the registered devices in the organisation with the OS type, Display name, profile type and the last time someone logged in to the device.
# Devices.ps1
$alldevices = Get-AzureADDevice
foreach ($item in $alldevices) {
Get-AzureADDevice -ObjectId $item.ObjectId | select DisplayName, DeviceOSType, ProfileType, ApproximateLastLogonTimeStamp
}
The end result should look like the below output.
PS C:\> .\devices.ps1
DisplayName DeviceOSType ProfileType ApproximateLastLogonTimeStamp
----------- ------------ ----------- -----------------------------
DHP032 Windows RegisteredDevice 27/06/2021 9:52:27 AM
DHP005 Windows RegisteredDevice 5/06/2021 4:50:47 AM