Let’s learn how to Import Bulk Devices to AAD Group for Intune Management. Adding one or a few devices to the Azure groups is very easy. If you have a requirement to add more devices, you might think about how we can add them quickly.
Azure AD provides bulk import devices option to import devices into Azure Active Directory Assigned groups. This option is not available for AAD Dynamic groups. You can add multiple devices/users into respective AAD groups using comma-separated values (CSV) file.
I have a scenario where I need to export devices from a specific AAD group (or all devices) and create a new AAD assigned group with a subset of devices. It would be great if we had an option to create duplicate Azure AD groups so that we can avoid this type of activity.
There are some duplication features available in the MEM admin center portal. You can create a copy of Intune Settings Catalog policy, and also you can create a copy of the Intune RBAC role.
Note! You can import bulk devices into the Assigned Group, not Dynamic Groups.
- Learn How to Setup Dynamic Device Groups in Intune
- Restore Deleted AAD User from Azure Active Directory Portal
Download Azure AD Group Import CSV Template
The first is to download Azure AD Group Import CSV Template, and then we need to fill that template with the Device Object ID from Azure AD.
Let’s see the detailed step to get the CSV template for bulk import of devices into the Azure AD Group. Follow the steps to complete this process.
- To download the CSV template, you must log in to the Microsoft Endpoint Manager admin center portal https://endpoint.microsoft.com.
- You can navigate to Groups > All groups.
Select the appropriate Assigned Group (not AAD dynamic group) where you want to import the bulk devices. Then click on Members.
To download the CSV template, click on Bulk operations > Import members.
You can download the CSV template to understand which format you can save the data into the CSV file.
Read more on How to Create Nested Azure AD Dynamic, Groups.
How to Get Object IDs for the Devices
Let’s check How to Get Object IDs for the devices you want to import into the new Azure AD group. This is one of the easiest methods to get the Object IDs.
NOTE! – Don’t get confused with Device IDs and Object IDs for devices in Azure AD. To perform the import of devices into the AAD group, you need Object IDs.
Follow the steps mentioned below to get the Object IDs from All device nodes in the Azure AD portal. Sign in to the Azure AD admin center https://aad.portal.azure.com/.
- Navigate to the Devices node.
- Under Devices node -> Click on All Devices.
- Click on the Download Devices option from the All devices node.
- Click on the Start button to download the file.
You need to wait for the download process to complete. Once the file is ready to download. The following message will appear in the portal. You can check the status of the download operations from the link called “Click here to view the status of each operation.”
- The file is ready! Click here to download
You can open the downloaded spreadsheet and select and copy the Object IDs of the devices you want to import. You must use the Object IDs in the following section to prepare the CSV file to import devices into the Azure AD group.
Prepare CSV file to Import Bulk Devices to Azure AD group
You have the Object IDs for the device that you want to import. Let’s now prepare a CSV file in the format Microsoft prescribed in their documentation. Once you open the CSV file template, it will look below format.
The details of rows in a downloaded CSV template are very important: The version number must be the first row in the upload CSV.
Column heading’s format must also follow the standards as prescribed by Microsoft. The column headings are given below:
- <Item name> [PropertyName] <Required or blank>
- For example,
Member object ID or user principal name [memberObjectIdOrUpn] Required.
NOTE! – You could see some differences in older versions of the template. For group membership changes, you have the option of which identifier to use: member object ID or user principal name. You can also refer to the Microsoft documents here.
- For User AAD Groups – > Use User Principal
- For Device AAD Groups -> Use Object IDs
In this template, you can keep Excel Row Number 1 & 2. In the 3rd row, you need to store the device object ID. Over here, you must paste the Object IDs from the above section of the post. Once ready, you need to save the CSV file (GroupImportMembersTemplate.csv), and you have to use this file in the below section.
How to Import Bulk Devices to AAD Group for Intune Management
Let’s see the detailed steps to Import Bulk Devices to AAD Group for Intune Management. You can navigate Groups > All groups (Preview) from the MEM Admin center portal.
The saved CSV template must be used here to import device records to the AAD group. Try to upload the file into the Intune portal. You can follow the steps below to upload the CSV file to the MEM Admin center portal.
- Log in to the Microsoft Endpoint Manager admin center portal https://endpoint.microsoft.com.
- You can navigate to Groups > All groups.
- Open the Azure AD Group that you want to import devices to.
- Navigate to Bulk operations > Import members.
- From the Bulk Import blade, you need to upload the CSV file (Sample file name -> GroupImportMembersTemplate.csv).
- Click on the SUBMIT button.
You need to wait for the file to get uploaded. Once the file is successfully uploaded, the following message will appear in the portal. You can check the status of the download operations from the link called “Click here to view the status of each operation.”
- File Upload Successfully – Bulk operation GroupImportMembersTemplate.csv Succeeded. Click on the title for more information.
NOTE! – If the formatting of the CSV is not accurate, as explained above, the file uploaded successfully message will not appear. Go through the Prepare CSV steps again to validate the formatting of the CSV file.
Results of Bulk Device Import into Azure AD Group
Now let’s check into the HTMD Test Groups; whatever devices we imported successfully added to the groups. Here in below, you can see the results.
Check the post for more info about creating AAD Dynamic Groups based on MDM Intune SCCM Management. Thank you for reading these blogs. I will see you in the next blog.
Author
Debabrata Pati has more than 7+ years of experience in IT. Skilled in MEMCM, Azure, and Powershell. More than five (5) years of experience in MEMCM (SCCM) administration, OSD, and Troubleshooting for the environment with more than 100K client devices.
Thank you for guidance and help. It is easy to understand and screenshot/images added makes it more easily understandable. I was able to Deploy 70 machines in Assigned Group of devices.
Thank you for sharing the knowledge.
Hi Anoop,
How can we find windows device object ID. I have exported devices details with all columns however can see device ID and Azure AD Device ID, which one correct to use?
I had the exact same situation now. Export from Azure and not from Intune then you will get the object ID
What if you have a lengthy list of device names and don’t fancy matching hundreds of device names to get object Ids? How can you convert the device names (hostnames) to their respective object Ids?