Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
New-EntraDevice
Creates a device.
Syntax
Default (Default)
New-EntraDevice
-DisplayName <String>
-DeviceOSType <String>
-AccountEnabled <Boolean>
-DeviceId <String>
-DeviceOSVersion <String>
-AlternativeSecurityIds <System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId]>
[-DevicePhysicalIds <System.Collections.Generic.List`1[System.String]>]
[-DeviceTrustType <String>]
[-DeviceMetadata <String>]
[-ApproximateLastLogonTimeStamp <DateTime>]
[-IsManaged <Boolean>]
[-DeviceObjectVersion <Int32>]
[-IsCompliant <Boolean>]
[-ProfileType <String>]
[-SystemLabels <System.Collections.Generic.List`1[System.String]>]
[<CommonParameters>]
Description
The New-EntraDevice cmdlet creates a device in Microsoft Entra ID.
In delegated scenarios involving work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with the required permissions. The following least privileged roles are supported for this operation:
- Intune Administrator
- Windows 365 Administrator
Examples
Example 1: Create a device
Connect-Entra -Scopes 'Directory.AccessAsUser.All', 'Device.ReadWrite.All'
$guid = [guid]::NewGuid()
$newId = New-Object Microsoft.Open.AzureAD.Model.AlternativeSecurityId
$newId.Key = [System.Text.Encoding]::UTF8.GetBytes('test')
$newId.type = 2
$params = @{
AccountEnabled = $true
DisplayName = 'My new device'
AlternativeSecurityIds = $newId
DeviceId = $guid
DeviceOSType = 'OS/2'
DeviceOSVersion = '9.3'
}
New-EntraDevice @params
ObjectId DeviceId DisplayName
-------- -------- -----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb dddddddd-3333-4444-5555-eeeeeeeeeeee My new device
This command creates a new device.
Parameters
-AccountEnabled
Indicates whether the account is enabled.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-AlternativeSecurityIds
Specifies alternative security IDs. See more details on security IDs.
Parameter properties
| Type: | System.Collections.Generic.List`1[Microsoft.Open.AzureAD.Model.AlternativeSecurityId] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ApproximateLastLogonTimeStamp
Specifies last sign-in date time.
Parameter properties
| Type: | System.DateTime |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceId
Specifies the ID of the device.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceMetadata
The metadata for this device
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceObjectVersion
Specifies the object version of the device.
Parameter properties
| Type: | System.Int32 |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceOSType
Specifies the operating system type of the new device.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceOSVersion
Specifies the operating system version of the new device.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DevicePhysicalIds
Specifies the physical ID.
Parameter properties
| Type: | System.Collections.Generic.List`1[System.String] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DeviceTrustType
The trust type for this device
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-DisplayName
Specifies the display name of the new device.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsCompliant
True if the device complies with Mobile Device Management (MDM) policies; otherwise, false.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-IsManaged
True if the device is managed by a Mobile Device Management (MDM) app such as Intune; otherwise, false.
Parameter properties
| Type: | System.Boolean |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-ProfileType
Specifies profile type of the device.
Parameter properties
| Type: | System.String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-SystemLabels
Specifies labels for the device.
Parameter properties
| Type: | System.Collections.Generic.List`1[System.String] |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Related Links
Feedback
Was this page helpful?