I often write scripts or small applications for devices. Many times I have needed the Azure AD device ID, which can be obtained from the registry or by parsing the dsregcmd output. But parsing console output is not really reliable, for example when the output changes.
Now I have found a solution using the netapi32 C library. This library requires converting objects and working with pointers, which many of us are not familiar with. Therefore, I thought it would be helpful to provide a simple .NET library and a PowerShell module to the community.
My personal use case of the library
I have a program which runs in system context on Azure AD joined devices and should be able to save data to an Azure Function. This is not a big deal, but I would like to have an authentication mechanism to clearly know which device has sent the data. For this I use the library to retrieve the certificate and the device ID. Together, these can be used on the server side to verify whether the information is correct, which results in a device authentication by comparing the data with the AlternativeSecurityIds.
I found this solution based on the information provided by Jairo Cadena in his blog. Thanks for that.
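The server-side comparison described above, as an added example that is not the author's code. It assumes the device record is a dict carrying the Microsoft Graph device fields `deviceId`, `accountEnabled` and `alternativeSecurityIds`, and that each `key` has the layout noted in the first comment; the function names and sample values are constructed for illustration.

```python
import base64
import hashlib
import hmac

# Assumed key layout (not stated on the page): base64 of a UTF-16LE string
# "X509:<SHA1-TP-PUBKEY>" + 40-hex SHA-1 certificate thumbprint + public key hash.
PREFIX = "X509:<SHA1-TP-PUBKEY>"

def thumbprint_from_alt_sec_id(key_b64):
    """Return the upper-case thumbprint embedded in one key, or None if malformed."""
    try:
        text = base64.b64decode(key_b64, validate=True).decode("utf-16-le")
    except ValueError:  # covers bad base64 and bad UTF-16
        return None
    tp = text[len(PREFIX):len(PREFIX) + 40].upper()
    if not text.startswith(PREFIX) or len(tp) != 40:
        return None
    return tp if all(c in "0123456789ABCDEF" for c in tp) else None

def device_matches(claimed_device_id, cert_der, directory_device):
    """True only if the enabled directory record has the claimed ID and lists this cert."""
    if directory_device.get("deviceId", "").lower() != claimed_device_id.lower():
        return False
    if not directory_device.get("accountEnabled", False):
        return False
    presented = hashlib.sha1(cert_der).hexdigest().upper()  # Windows-style thumbprint
    for entry in directory_device.get("alternativeSecurityIds", []):
        tp = thumbprint_from_alt_sec_id(entry.get("key", ""))
        if tp is not None and hmac.compare_digest(tp, presented):
            return True
    return False

def make_sample_key(cert_der):
    """Build a constructed key in the assumed layout, for the sample record below."""
    tp = hashlib.sha1(cert_der).hexdigest().upper()
    text = PREFIX + tp + "constructed-public-key-hash"
    return base64.b64encode(text.encode("utf-16-le")).decode("ascii")

# Constructed sample data: placeholder bytes stand in for a DER certificate.
SAMPLE_CERT = b"constructed certificate bytes"
SAMPLE_ID = "00000000-0000-0000-0000-000000000001"
SAMPLE_DEVICE = {
    "deviceId": SAMPLE_ID,
    "accountEnabled": True,
    "alternativeSecurityIds": [{"type": 2, "key": make_sample_key(SAMPLE_CERT)}],
}

if __name__ == "__main__":
    print(device_matches(SAMPLE_ID, SAMPLE_CERT, SAMPLE_DEVICE))
```

A thumbprint match only ties the certificate to the device record; since the certificate itself is not secret, the request should also carry a signature made with its private key for the server to verify.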