Embarking on the journey of Windows Autopilot management? Buckle up as we unveil a nifty script that’s about to become your secret weapon for a seamless bulk update of group tags on Windows Autopilot devices. Say goodbye to tedious manual adjustments and wave hello to efficiency at its finest!
Table of Contents
Script Logic
To seamlessly change the group tags of your devices, we’ll leverage the power of two essential cmdlets: Get-AutopilotDevice and Set-AutopilotDevice (the PowerShell package can be found here). The process is straightforward—firstly, we retrieve the Windows Autopilot object using the Get-AutopilotDevice cmdlet. Next, armed with this information, we employ the Set-AutopilotDevice cmdlet to effortlessly assign the new value to the desired group tag. It’s a dynamic duo of cmdlets simplifying the entire process with precision and ease.
Change Windows Autopilot group tags
Changing Windows Autopilot group tags is an important aspect of managing device configurations in larger organizations that use Windows Autopilot for provisioning. There are several scenarios where modifying the group tag might be required.
For example, when devices are reassigned to different departments, such as moving from a sales team to the IT department, their group tags should be updated to reflect this change. This ensures that each department’s devices receive the appropriate configurations and policies.
Another scenario could involve adding new devices for a specific role or project, where a new group tag is created to ensure the correct Autopilot profile is applied. Additionally, as security requirements evolve, updating group tags can help enforce more stringent policies for specific groups of devices, such as those used in highly regulated departments like finance or healthcare.
By changing the group tags, organizations can automate and streamline the provisioning process, applying tailored settings to devices based on their role or department.
The Script
This PowerShell script is designed to bulk update the group tags for Windows Autopilot devices. It starts by connecting to Microsoft Graph and allowing the user to specify the new group tag and provide a file containing serial numbers of the devices to be updated. The script then validates the file’s existence and iterates through each serial number, applying the new group tag using the Get-AutopilotDevice and Set-AutopilotDevice cmdlets. Error handling is included to capture any issues, and all actions related to Windows Autopilot, including successes and failures, are logged using Start-Transcript to a log file in C:\Temp. This provides an efficient, automated way to manage group tag updates across multiple devices.
Windows Autopilot provides a streamlined approach to setting up and managing devices, making it essential for IT departments to understand how to implement group tags effectively.
You can find the script on my GitHub page too.
# Install-Module -Name Microsoft.Graph
# Install-Module -Name WindowsAutoPilotIntune
# Be sure to have the correct permissions to perform Autopilot related operations
Connect-MgGraph
# Specify the new group tag here
$Grouptag = "NewGroupTag"
# Start transcript to log the output
$logFilePath = "C:\Temp\autopilot_updates.log"
Start-Transcript -Path $logFilePath
# Get the serial numbers of the devices that we want to change group tag
$serialsTXTFilePathLocation = Read-Host "Enter the txt path location containing the serial numbers:"
# Validate if the file exists
if (-Not (Test-Path $serialsTXTFilePathLocation)) {
Write-Host "File not found. Please check the path."
exit
}
$serials = Get-Content -Path $serialsTXTFilePathLocation
foreach($serial in $serials)
{
Write-Host "Changing Group tag for: $serial"
try {
Get-AutopilotDevice -serial $serial | Set-AutopilotDevice -groupTag $Grouptag
Write-Host "Successfully updated group tag for device: $serial"
} catch {
Write-Host "Failed to update group tag for $serial. Error: $_"
}
}
# Stop the transcript and save the log file
Stop-TranscriptReferences
- WindowsAutoPilotIntune
- Support Tip: Using group tags to import devices into Intune with Autopilot
- Create device groups for Windows Autopilot
Other Interesting Posts