Get a list of Intune devices that haven’t synced in X days

Keeping Intune clean is how you keep the dashboards green.

Most of you are here to copy/paste and get reports, so let’s get to it.

This script uses the Microsoft Graph PowerShell module to query your environment. If you already have it installed, ignore the second line.

Change YYYY-MM-DD to something that suits. The filter is saying “Get all devices where the lastSyncDateTime is more recent than YYYY-MM-DD”

The output will generate a csv file at the specified location

# Install the Microsoft Graph PowerShell module
Install-Module Microsoft.Graph

# Authenticate with Microsoft Graph
Connect-MgGraph -Scopes "DeviceManagementManagedDevices.Read.All", "DeviceManagementManagedDevices.ReadWrite.All"

# CSV Report path
$CSVpath = "C:\Temp\DeviceSyncReport.csv"

# Set the filter expression
$filter = "lastSyncDateTime lt YYYY-MM-DDT00:00:00Z"

# Get the Intune-managed devices that match the filter
$devices = Get-MgDeviceManagementManagedDevice -Filter $filter

# Build the CSV report
    foreach ($device in $devices) { 
        $userDeviceProperties = [pscustomobject][ordered]@{
            UserPrincipalName = $device.UserPrincipalName
            DeviceName        = $device.deviceName
            DeviceID          = $
            LastSyncTime      = $device.lastSyncDateTime 
        $userDeviceProperties | Export-CSV -Path $CSVpath -Append -NoTypeInformation   

It is your responsibility to test the scripts you find on this site in your demo environment before running them in production.