# How to change the owner of an Azure Active Directory device In Azure AD, you can see that each device has an owner. The owner is the user who joined the device to Azure AD, which is sometimes the administrator account. If you want to change the owner, you won’t be able to do so through the Azure portal. That is why in this post, I will show you how to change the owner of an Azure AD device using PowerShell. ## PowerShell Workaround First, you must ensure the AzureAD module is installed on your computer and then imported into your PowerShell session. To do that, you should use the following commands. ``` Install-Module AzureAD Import-module AzureAD ``` Once you have imported the module, you are ready to start. ## Connect to Azure Active Directory The easiest way to get started is to log in interactively at the command line. ``` Connect-AzureAD ``` ## Locate the device To get the device object in your tenant, you must use the `Get-AzureADDevice` cmdlet and pass the device name in the `-SearchString` parameter. ``` $device=Get-AzureADDevice ` -searchString "SAD001" ``` To change the owner property on a device, you must know the value of the “ObjectId” property of the device in question. I will store the device object in the `$device` variable to improve the code reading. If you don’t know the device name or want to list all devices, you should use the `Get-AzureADDevice` cmdlet without any parameters. ## Check the current owner of the device To get the current registered owner for the device, you should use the `Get-AzureADDeviceRegisteredOwner` cmdlet with the following syntax. ``` (Get-AzureADDeviceRegisteredOwner -ObjectId $device.ObjectId).DisplayName ```

**Important:** Hybrid Azure AD joined Windows 10, or newer devices don’t have an owner.

## Add an owner for the device To add a user as an owner to a device, the user must be registered in your tenant and know the value of the user’s “ObjectId” property. I will store the user object in the $user variable to improve code readability. ``` $owner=Get-AzureADUser ` -searchString "Jorge Bernhardt" ``` Once the user object is stored in the `$owner` variable, you should use the `Add-AzureADDeviceRegisteredOwner` cmdlet with the following syntax to add the user as the device’s new owner. ``` Add-AzureADDeviceRegisteredOwner ` -ObjectId $device.ObjectId ` -RefObjectId $owner.ObjectId ``` The device object can have more than one owner, but the Azure portal will only display the last added owner. ## Remove the owner of the device Using the following syntax, you can always remove a device owner using the `Remove-AzureADDeviceRegisteredOwner` cmdlet. ``` $user=Get-AzureADUser ` -searchString "some user" Remove-AzureADDeviceRegisteredOwner ` -ObjectId $device.ObjectId ` -OwnerId $user.ObjectId ``` ## Verify the changes made Once the previous step is done, to verify that the change was successful, use the `Get-AzureADDeviceRegisteredOwner` cmdlet with the following syntax. ``` Get-AzureADDeviceRegisteredOwner ` -ObjectId $device.ObjectId ```
![get-azureaddeviceregisteredowner.ps1__hu04ac47f3f3b928abd03e0ae300595b41_18816_1700x0_resize_box_3.png](https://wiki.mutschlerhome.com/scripts/get-azureaddeviceregisteredowner.ps1__hu04ac47f3f3b928abd03e0ae300595b41_18816_1700x0_resize_box_3.png) [Original Article](https://www.jorgebernhardt.com/change-owner-azuread-device/#:~:text=In%20Azure%20AD%2C%20you%20can,so%20through%20the%20Azure%20portal.)