Home
PowerShell
Get-MgDeviceManagementDeviceConfiguration

How to get device configuration profiles using Microsoft Graph PowerShell

The Get-MgDeviceManagementDeviceConfiguration cmdlet retrieves all device configuration profiles from Microsoft Intune through Microsoft Graph. These profiles define and enforce policies on managed devices, such as password requirements, encryption, and VPN settings. By using this cmdlet, admins can quickly list and review existing device configurations and export details for compliance or troubleshooting. It is particularly useful when managing large environments, where accessing configurations directly from the Intune portal can get time-consuming.

Getting device configuration profiles using Microsoft Graph PowerShell

Prerequisites

Install the Microsoft Graph PowerShell module and connect with device management read permissions:


                              Install-Module Microsoft.Graph -Scope CurrentUser 

                              Connect-MgGraph -Scopes "DeviceManagementConfiguration.Read.All"

Using the Get-MgDeviceManagementDeviceConfiguration cmdlet

To retrieve a list of profiles, simply run:


                              Get-MgDeviceManagementDeviceConfiguration

Examples

Example 1: List available device configuration profiles


                              Get-MgDeviceManagementDeviceConfiguration | Select-Object Id, DisplayName, Description

Example 2: Retrieve a configuration profile by ID


                              Get-MgDeviceManagementDeviceConfiguration -DeviceConfigurationId "profile-id"

Example 3: Filter device configurations by display name containing “WiFi”


                              Get-MgDeviceManagementDeviceConfiguration -Filter "contains(displayName,'WiFi')"

Supported parameters

The following are some essential parameters that can be used along with the Get-MgDeviceManagementDeviceConfiguration cmdlet:

Parameter	Description
-DeviceConfigurationId	The unique ID of the specific device configuration profile.
-Top	Limits the number of results returned.
-Filter	Refines results with an OData filter string.
-Expand	Includes related entities inline with results.
-Select	Returns only specified properties.

Limitations of using Microsoft Graph PowerShell to get application role assignments

PowerShell commands can get complex with different use cases and scenarios.
IT admins can spend a lot of time troubleshooting errors, which in turn negatively impacts productivity.
Delegation can get tricky since technicians require elevated permissions.

How ADManager Plus helps you manage Microsoft Entra ID

ADManager Plus, an identity governance and administration solution with comprehensive Microsoft Entra ID management and reporting capabilities, simplifies complex admin tasks from a single, user-friendly console:

Manage Entra ID users, contacts, groups, licenses, and other objects with a script-free, centralized console.
Reduce human errors by automating user provisioning, deprovisioning, and license assignment across various platforms.
Delegate Entra ID tasks to technicians without elevating their native privileges.
Keep a watchful eye with 200+ prepackaged reports for your Entra ID and AD environments.
Monitor delegated activities through smart workflows.
Ensure business continuity with AD, Entra ID, and Google Workspace backup and recovery.

Perform script-free Microsoft Entra ID management and reporting with ADManager Plus

Try it now for free

Getting device configuration profiles using Microsoft Graph PowerShell
Examples
Supported parameters
Limitations of using Microsoft Graph PowerShell to get application role assignments
How ADManager Plus helps you manage Microsoft Entra ID

Related features:

Related Powershell Guides: