Reputation: 73
How do I add a computer device to an existing AAD security group? I create a token with this:
$Body = @{
    'tenant'        = $TenantId
    'client_id'     = $ClientId
    'scope'         = 'https://graph.microsoft.com/.default'
    'client_secret' = $ClientSecret
    'grant_type'    = 'client_credentials'
}
$Params = @{
    'Uri'         = "https://login.microsoftonline.com/$TenantId/oauth2/v2.0/token"
    'Method'      = 'Post'
    'Body'        = $Body
    'ContentType' = 'application/x-www-form-urlencoded'
}
$AuthResponse = Invoke-RestMethod @Params
$Headers = @{
    'Authorization' = "Bearer $($AuthResponse.access_token)"
}
After that I can make queries to the Graph API. Fetching group information:
Invoke-RestMethod -Uri 'https://graph.microsoft.com/v1.0/groups/<GUID_group>' -Headers $Headers
Getting the correct result with all information of the group.
The Microsoft documentation says to add a member use this:
https://graph.microsoft.com/v1.0/groups/{id}/members/$ref
But where do I define the ObjectID of the computer device? If I run the request like above, nothing will happen, like described in the Microsoft docs.
This one also would not work:
https://graph.microsoft.com/v1.0/groups/<GUID_group>/members/<GUID_computer>
Then it says that the group does not exist:
"error": {
"code": "Request_ResourceNotFound",
"message": "Resource '<GUID_group>' does not exist or one of its queried reference-property objects are not present.",
"innerError": {
"date": "2020-08-25T12:47:10",
"request-id": "bc728016..."
}
}
Neither GET nor POST works.
Any ideas or is more information needed?
Maybe I am using the wrong query to accomplish what I want to do. I took a look at the directoryObject queries, but every time I got referred to the Add member to group site.
Thanks!
Upvotes: 0
Views: 3657
Reputation: 1602
Please try the below query in the Graph Explorer.
You can get the group id by running the below query:
GET https://graph.microsoft.com/v1.0/groups
You can get the device id by running the below query:
GET https://graph.microsoft.com/v1.0/devices
To add the device to the group, use the groupid and deviceid in the below query; you get a 204 response:
POST https://graph.microsoft.com/v1.0/groups/{groupid}/members/$ref
{
"@odata.id": "https://graph.microsoft.com/v1.0/directoryObjects/deviceid"
}
By using the below query you will get the details of the groups your device is a member of:
GET https://graph.microsoft.com/v1.0/devices/deviceid/memberOf
Upvotes: 0
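The answer's steps as one PowerShell function, added here as an example and not part of the original posts. It assumes the `$Headers` hashtable built in the question and an app registration that is allowed to read devices and write group membership; `Add-DeviceToGroup`, its parameters and the returned property names are hypothetical.

```powershell
# Added example, not code from the original posts.
function Add-DeviceToGroup {
    param(
        [Parameter(Mandatory)] [hashtable] $Headers,     # bearer token header from the question
        [Parameter(Mandatory)] [guid]      $GroupId,
        [Parameter(Mandatory)] [string]    $DeviceName
    )
    $Graph = 'https://graph.microsoft.com/v1.0'

    # Resolve the device's directory object id. Display names are not unique,
    # so refuse to continue unless exactly one device matches; otherwise the
    # wrong machine could end up in a security group.
    $Escaped = $DeviceName -replace "'", "''"            # OData escapes ' by doubling it
    $Filter  = [uri]::EscapeDataString("displayName eq '$Escaped'")
    $Query   = "$Graph/devices?`$filter=$Filter&`$select=id,deviceId,displayName"
    $Devices = @((Invoke-RestMethod -Uri $Query -Headers $Headers).value)
    if ($Devices.Count -ne 1) {
        throw "Expected exactly one device named '$DeviceName', found $($Devices.Count)."
    }
    $ObjectId = $Devices[0].id    # the object id, not the separate deviceId property

    # The new member is passed in the request body as a reference to its directoryObject.
    $Body = @{ '@odata.id' = "$Graph/directoryObjects/$ObjectId" } | ConvertTo-Json

    # '$ref' is kept in single quotes: inside double quotes PowerShell would expand
    # it as a (normally empty) variable and the request would hit .../members/ instead.
    $Uri = "$Graph/groups/$GroupId" + '/members/$ref'
    Invoke-RestMethod -Uri $Uri -Method Post -Headers $Headers `
        -Body $Body -ContentType 'application/json' | Out-Null    # 204 No Content on success

    # Read the device's memberships back to confirm the change took effect.
    $MemberOf = @((Invoke-RestMethod -Uri "$Graph/devices/$ObjectId/memberOf" -Headers $Headers).value)
    [pscustomobject]@{
        DeviceObjectId = $ObjectId
        GroupId        = $GroupId
        Verified       = ($MemberOf.id -contains $GroupId.ToString())
    }
}
```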