Service Graph Connector for Microsoft Intune - Retrieving Mac Addresses

Michael H1
Tera Guru

‎04-19-2023 09:46 AM - edited ‎11-21-2023 07:58 AM

Hi, this is not a question but an answer to a problem that I experienced when working in the "Service Graph Connector for Microsoft Intune" plugin. I don’t have the ability to post articles but in the event anyone else ran into this issue, I wanted to provide a solution.


I’m not sure if anyone else has run into this, but the out-of-box “computer” action for this plugin which pulls in the list of attributes for Intune Computers does not work for pulling in Mac Addresses.

MichaelH1_0-1681921544307.png

 

When loading in test records for the import, I observed that the ethernetMacAddress attribute was not being populated for records.

MichaelH1_1-1681921544309.png

 

In the Intune Admin Center in our environment, however, the field is populated for Computer records.

MichaelH1_2-1681921544312.png

 

 

Without going down too much of the rabbit hole, I discovered that the issue was indeed with the API itself. Here are the PowerShell steps I took to determine this. (The Graph Explorer API was also useful: https://developer.microsoft.com/en-us/graph/graph-explorer)

1) In Powershell, I ran the following command:

 

 

Install-Module -Name Microsoft.Graph.Intune

 

 


2) To connect to our Intune Instance I used the below command. Which of course prompts for credentials. It is best if you have an account with admin/read access to Intune devices and properties, of course.

 

 

Connect-MSGraph

 

 


3) To get the attributes of a device I used the following command:

 

 

Get-IntuneManagedDevice -filter "deviceName eq '{deviceName}'" | GET-MSGraphAllPages

 

 


As you can see, no value is returned for ethernetMacAddress.

MichaelH1_0-1700582289117.png

 

Eventually, I read through the Microsoft Graph API documentation at https://learn.microsoft.com/en-us/graph/api/resources/intune-devices-manageddevice?view=graph-rest-1... and noticed the following:

MichaelH1_4-1681921544323.png

 

I believe this explains why the ethernetMacAddress attribute/field values for each record is not populated during the Intune import. It appears to be an inherent limitation of the API, one which the ServiceNow plugin does not account for (please correct me if I am mistaken).

 

Here is the solution I implemented. There may be a more optimal way to perform this, but this has worked for us:

1) Created a custom action with the Intune connectionalias and Intune Device ID as inputs. Initially, we were not populating the Intune Device ID on computer records, but decided to do so as part of the import as a read only field so we can pass it back to Intune to retrieve Mac Addresses for devices.

MichaelH1_5-1681921544324.png

 

2) Created a REST step that selects the ethernetMacAddress value of a single Intune Device passed.
Get command: https://graph.microsoft.com/beta/deviceManagement/manageddevices('$DeviceID')?`$select=ethernetMacAddress

MichaelH1_6-1681921544334.png

 

3) I have a Flow that executes after the Intune Import is completed that then checks for devices updated by Intune and updates their Mac Addresses accordingly using the above custom action. I will not show the Script step but it adds colons in the Mac Address as we need it to be a specific syntax. The GET request only returns it as a string of alphabetic and numeric values. But the same goes for the managedDevice entity for the wiFiMacAddress attribute.

If I have provided incorrect information, please correct me if I am wrong. I do not see anything in the Intune plugin that addresses the above limitation, however. I may be missing something as I have not seen anyone else post about this. It would surprise me if I am the first. In the event that others have run into this and simply not posted, however, I hope this saves you some time. And if it is an issue that everyone experiences, perhaps this can be addressed in an update by whoever maintains the "Service Graph Connector for Microsoft Intune" plugin.

  • 3,924 Views
9 REPLIES 9

Steve Stivers1
Tera Contributor

‎11-14-2023 08:08 AM

I have opened a case with ServiceNow to get this fixed. 

In the mean time I have been able to implement a work around using the REST call as mentioned above.
I made the call in the execute before script of the robust transform and inserted the data into the payload. Doing this allows the IRE to create the network adapter records we needed.

 

Thank you for doing all the work to find the API that will work to get the MAC address.

Michael H1
Tera Guru
In response to Steve Stivers1

‎11-15-2023 02:56 PM - edited ‎03-22-2024 10:55 AM

Hi @Steve Stivers1, would you mind providing that before script for individuals that may come across this thread? We are seeing that we need to have network adapter records created, too, and they won't be created with the original method I mentioned above.

0 Helpfuls

Steve Stivers1
Tera Contributor
In response to Michael H1

‎12-01-2023 10:12 AM

Sorry, I missed your reply somehow.

We are doing some other things in the Execute before script as well so I cut these relevant parts out to post here (attached file). It has not been tested in this form.

I also had to create the "Microsoft Graph Intune MAC" rest message for this to call.

 
Preview file
2 KB

Miroslaw M
Tera Contributor
In response to Steve Stivers1

‎07-01-2025 12:02 PM

Hey has this ever been fixed? can i somehow upvote your idea? Thanks.

0 Helpfuls