Recently I’ve been needing to put into Azure AD Groups large numbers of device objects and it turns out you can’t easily use the out of the box tools in the Azure Portal. That’s because the Azure Portal bulk import process expects the device GUID and you can’t use the device name.
That is unfortunate because the device name is something that is easily sourced from Sentinel for example. Therefore I’ve created this PowerShell script (Add-DevicesToAzureAdGroup.ps1) which I’ve been using a lot.
Pre-requisites
There are the obvious pre-requisites before you can run the script that
- you will need to have already installed the AzureAD PowerShell module (this can be done by running the command Install-Module AzureAD),
- also you will need an account in Azure AD with the appropriate permissions to modify group memberships or be the owner of the group you want to modify. The script will prompt you to login, if there isn’t already a valid session with AzureAD.
Sample usage
- Simply download the script and sample CSV file from GitHub
- Populate the CSV file with the device names (keeping the DeviceName header row)
- Run the command similar to the example below pointing to the CSV file and providing the group name
.\Add-DevicesToAzureAdGroup.ps1 -GroupName "My Device Group" -InputFile "C:\Scripts\SampleDeviceFile.csv"