search

Microsoft Intune - Connector Builder

hashtag
Connector Information

Microsoft Intune is a Microsoft cloud-based unified endpoint management service for both corporate and BYOD devices. It extends some of the "on-premises" functionality of Microsoft Endpoint Configuration Manager to the Microsoft Azure cloud.

ASM can connect via the Alemba Connector builder. The pull of information is controlled by the scheduling option within the System Administration>Integration>Scheduling option, and the security set by your Azure Administrators. This allows for your full control of when you would like to update the information in ASM.

circle-exclamation

Authentication and Security

In the Application Registration (for the Microsoft Graph Security), ensure you have application Permissions configured to allow creation, update and management of resources. The following is required:

  • DeviceManagementManaged

  • Devices.Read.All

  • Offline_Access

hashtag
Prerequisites

You must have at least ASM 10.6.5 installed with the connector builder functionality.

hashtag
System Access Requirement

  • Application ID

  • Client Secret value (not the client secret ID)

  • DeviceManagementManaged, Devices.Read.All and offline_acces is required

hashtag
Helpful Links

https://learn.microsoft.com/en-us/mem/intune/developer/reports-ref-devicesarrow-up-right

https://learn.microsoft.com/en-us/graph/intune-concept-overviewarrow-up-right

https://developer.microsoft.com/en-us/graph/graph-explorerarrow-up-right

hashtag
Configuring the Connector Builder for Microsoft Intune

Below are examples of the parameters you will want to populate in the connector builder for the Microsoft Intune mapping.

  1. Access the Connector Builder: System Admin>Integration>Connector Builder

  2. Click "Add Connector" to add a new connector

  3. Enter the details (See sections below for details and examples)

    1. Connector Builder Name: Microsoft Intune

    2. Authentication Type: OAuth

  1. Configure Resource Settings, click the "+" to add a Resource

  1. Click the "New Resource" Link to expand and enter the details

    1. Resource Display Name: Intune Device

    2. Resource Id: InTuneDevice

    3. Resource Category: CMDB Item

    4. Resource Description: Microsoft Intune

  2. Complete the queries as follows:

chevron-rightAllhashtag

Query: All

URL: v1.0/deviceManagement/managedDevices?$top=@PAGESIZE

Nested Objects: value

Paged? True

Starting Page No: 0

Page Size: 500

Next Page Property: @odata.nextLink

chevron-rightSearchhashtag

Query: Search

URL: v1.0/deviceManagement/managedDevices?$filter=startswith(deviceName,'@SEARCHTEXT')&$top=@PAGESIZE

Nested Objects: value

Paged? True

Starting Page No: 0

Page Size: 500

Next Page Property: @odata.nextLink

chevron-rightRetrievehashtag

Query: Retrieve

URL: v1.0/deviceManagement/managedDevices/@UNIQUEID?$select=id,deviceName,azureADDeviceId,serialNumber,phoneNumber,complianceState,operatingSystem,osVersion,model,manufacturer,lastSyncDateTime,totalStorageSpaceInBytes,freeStorageSpaceInBytes,imei,iccid,wiFiMacAddress,ethernetMacAddress,enrolledDateTime,isEncrypted,isSupervised,subscriberCarrier,userPrincipalName,managedDeviceOwnerType,physicalMemoryInBytes

Nested Objects Paged? False

  1. Complete the Resource Details

chevron-rightResource Unique Identifier Fieldhashtag

Field ID: id

Data Type: String

chevron-rightResource Display Fieldhashtag

Field ID: DeviceName

Data Type: String

chevron-rightResource Last Modified Fieldhashtag

Field ID: lastsyncDateTime

Data Type: DateTime

  1. Setup fields, Click the "New Fieldset" link

chevron-rightFieldsets Detailshashtag

Fieldset id: DeviceFields

Type: Relative

  1. Add fields to the fieldset, Click the "+" to add a new Field

  1. Click the "+" to repeat and add a new row for all fields you need to add to this fieldset

chevron-rightFields Detailshashtag

hashtag
Field ID: id

Field Display: Device ID

Data Type: String

hashtag
Field ID: deviceName

Field Display: Name

Data Type: String

hashtag
Field ID: azureADDeviceID

Field Display: azureADDeviceID

Data Type: String

hashtag
Field ID: SerialNumber

Field Display: Sertial No

Data Type: String

hashtag
Field ID: PhoneNumber

Field Display: Phone Number

Data Type: String

hashtag
Field ID: complianceState

Field Display: Compliance State

Data Type: String

hashtag
Field ID: OperatingSystem

Field Display: OS

Data Type: String

hashtag
Field ID: osVersion

Field Display: OS Version

Data Type: String

hashtag
Field ID: model

Field Display: Model

Data Type: String

hashtag
Field ID: manufacturer

Field Display: Manufacturer

Data Type: String

hashtag
Field ID: lastSyncDateTime

Field Display: last Sync Date Time

Data Type: String

hashtag
Field ID: totalstorageSpaceInBytes

Field Display: Total Storage in Bytes

Data Type: String

hashtag
Field ID: freestorageSpaceInBytes

Field Display: Free Storage SpaceInBytes

Data Type: String

hashtag
Field ID: imei

Field Display: IMEI

Data Type: Boolean

hashtag
Field ID: iccid

Field Display: ICCID

Data Type: String

hashtag
Field ID: wiFiMacAddress

Field Display: Wi-FI MAC

Data Type: String

hashtag
Field ID: ethernetMacAddress

Field Display: Ethernet Mac Address

Data Type: String

hashtag
Field ID: enrolledDateTime

Field Display: Enrolled Date Time

Data Type: String

hashtag
Field ID: isEncrypted

Field Display: Encrypted

Data Type: String

hashtag
Field ID: isSupervised

Field Display: Supervised

Data Type: String

hashtag
Field ID: CompanyName

Field Display: CompanyName

Data Type: String

hashtag
Field ID: SubscriberCarrier

Field Display: Subscriber Carrier

Data Type: String

hashtag
Field ID: userPrincipalName

Field Display: Primary User

Data Type: String

hashtag
Field ID: managedDeviceOwnerType

Field Display: Ownership

Data Type: String

hashtag
Field ID: physicalMemoryBytes

Field Display: Physical Memory Bytes

Data Type: String

circle-info

Link Settings

This section is not applicable to the configuration. If you need more information about Link Settings, please contact Alemba Support for assistance.

  1. Save your new Connector

  2. Configure your Source

    1. Navigate to System Admin>Integration>Sources

    2. Click the Add icon to add a new source

    3. Select the Connector you just defined, in this example we called it "Connector Builder Test", but yours will likely be some version of Microsoft_InTune, etc...

  1. Complete the Source Properties.

chevron-rightSource Propertieshashtag

URL: https://graph.microsoft.com

Test URL: v1.0/deviceManagement/managedDevices

Manage Token:

  1. Map Your Fields Under Resources arrow-up-right

circle-info

Please note that there are several fields that bring back data as bytes including Total and Free Storage space in Microsoft Intune. If you wish to convert these to GB then you would need to use the transform function in ASM, for example: Math.Round(Convert.toDecimal(PhysicalMemoryinBytes)/1073741824,2)

  1. Set up the integration's scheduled scanarrow-up-right

PreviousMicrosoft Entra ID (Azure Active Directory) - Connector BuilderNextManaging the Federated CMDB

Last updated

Was this helpful?