- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-04-2022 01:00 AM
Can I get help to understand what is 'assigned to' on computer in ServiceNow mapped to from Intune?
There are two fields in Intune - 'Primary User' and 'Enrolled User'
I can see the data stream is using the API /deviceManagement/managedDevices/
The API doesnt really mentions if its returning primary user or enrolled user.
Can someone help me understand the difference between the primary user or enrolled user. Also based on the imported data, it appears that the api returns enrolled user. If so, how can we configure it to populate primary user?
Solved! Go to Solution.
- Labels:
-
Service Graph
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-08-2022 07:10 AM
Hi Parth,
Jim has provided an excellent answer to your mapping question with visualization. The API call returns only the enrolled user, even though the attribute name says primary user. When a user is assigned to a device initially, the enrolled and primary user remain the same. But if the same device is reassigned to another user, either the user left the tenant or for other business reasons, then the primary user name gets reassigned to the new user but the enrolled user will have the original enrolled user name. That is the difference between the two attributes in Intune.
We have fixed this to reflect the current device owner in an upcoming release of Intune(do not have dates yet!). Per Microsoft, we have to make another API call to get the current primary user name as the device API only returns enrolled user name (misleading with an attribute name like "userPrincipalName").
Here is the Graph API call to know the primary user name:
https://graph.microsoft.com/beta/deviceManagement/managedDevices/<deviceid>/users
The output of the above API call will give us the actual/current device owner or the primary user name. No surprise here from Microsoft and the attribute name again is "userPrincipalName".
I was also told that Microsoft is working on converging these API calls so it correctly reports on the primary user name on the current device call but it is not in place yet and not sure of the timeline also.
This involves making an additional API call for each device to know the primary username. We typically do performance testing as part of any major changes, especially when it comes to additional API calls to make sure it did not degrade current performance. This is work in progress as we speak. We would highly recommend you to wait and take the upgrade when it is available, assuming all the testing/performance are acceptable.
Hopefully this helps clarify your questions.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
12-18-2022 05:06 PM
Hi Palani,
When can we expect the new version of the Intune connector? It has been a while and I would say this is a bug as wrong users are being populated to 'Assigned to'
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-30-2023 07:56 AM
Hi Palani, Thanks for the clarification.
I was not able to see the changes made to this Primary User field brought in our staging table. So just to clarify that means Enrolled user field value is being brought up in UserPrincipalName field and its actually not this Primary User's field value.
Do we have any official Kb article or Prb raised for this? Also when can we expect a solution for this?
we are using Ver 2.1.2 for Service Graph Intune. Is it not fixed in this version?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-22-2023 07:02 AM
I see that version 2.2.1 of the plugin has now been released and in the release notes states:
- Enhanced Intune by bringing attributes for devices - lastSyncDateTime, azureADRegistered, managedDeviceOwnerType, isSupervised, userPrincipalName,isEncrypted,managementAgent
Does this mean that in this latest version we have the ability to bring through primary user?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-06-2023 03:18 PM
The userPrincipalName field is empty for me on imports, using 2.2.1. @Nick Hynes have you had any luck?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-13-2023 05:33 PM
Did some more experimenting on this and discovered that the Flow Action 'getuser' was failing with insufficent permissions. I updated my Microsoft App registration for intune, granting the application permission 'User.Read.All', and refreshed the oAuth token, fixing the flow action.
During the next import, the userprincipalname was set. Hope this helps others.