Azure AD Connect has started syncing custom extension attributes on user objects from on-premises AD to Azure AD, but this does not currently work for device objects that are hybrid joined.
I have written the script below, based on Tony Redmond's excellent script: https://office365itpros.com/2022/09/06/azure-ad-registered-devices/, to take some AD attributes and update them in Azure AD for the device.
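# Update Azure AD device extension attributes from on-premises AD.
#
# For every Azure AD device that carries physicalIds (the original author's
# heuristic for "hybrid joined"), look up the enabled AD computer with the same
# name under $path and copy DN, description, owner, last logon, OS and OS
# version into extensionAttribute1-6 on the Azure AD device object.
# Requires the ActiveDirectory module and the Microsoft.Graph module.
#
# NOTE(review): extension attributes on device objects are readable by ordinary
# tenant members under default user permissions, so this publishes the on-prem
# DN, description and owner of every matched device tenant-wide. Confirm that is
# acceptable for your tenant before running.
#
# NOTE(review): the AD match is by DisplayName, which a device owner can change
# on the Azure AD side; a renamed device could therefore be stamped with another
# computer's AD attributes. For hybrid-joined devices the Azure AD deviceId is
# documented as the on-prem computer's objectGUID — matching on that instead is
# spoof-resistant (verify in your tenant before switching).

# Search base for the AD lookup; only computers under this container can match.
$path = "DC=contoso,DC=local"

# Set to $true to log what would be written without calling Update-MgDevice.
$DryRun = $false

# Directory.AccessAsUser.All gives the script the signed-in user's full
# directory rights; it is far broader than "write device extension attributes".
# For an unattended run prefer an app registration with an application
# permission limited to devices (e.g. Device.ReadWrite.All) — TODO confirm
# against the current Update-MgDevice permission reference.
Connect-MgGraph -Scopes "Directory.AccessAsUser.All"

# Device extensionAttributes were on the beta endpoint when this was written.
# Select-MgProfile was removed in Graph SDK v2 (beta is a separate module there),
# so this line only applies to SDK 1.x.
Select-MgProfile Beta

[array]$Devices = Get-MgDevice -All

ForEach ($Device in $Devices) {
    # Original heuristic: physicalIds present => hybrid joined. TrustType
    # 'ServerAd' is the documented hybrid-join marker — TODO confirm and switch
    # if physicalIds over-matches (e.g. includes Azure AD registered devices).
    If ($Device.PhysicalIds.Count -le 0) { continue }

    $name = $Device.DisplayName
    Write-Host ("Device {0}" -f $name)

    # Reset per iteration. Without this, a lookup that throws (previously
    # swallowed by an empty catch) left the PREVIOUS device's AD object in $pc,
    # and its attributes were written to the wrong Azure AD device.
    $pc = $null
    try {
        # Scriptblock filter: the AD module resolves $name as a value rather
        # than splicing it into the filter string, so a crafted display name
        # cannot alter the query.
        $pc = @(Get-ADComputer -Filter { name -eq $name -and enabled -eq $true } `
            -SearchBase $path `
            -Properties name, ManagedBy, lastLogon, description, operatingSystem, operatingSystemVersion `
            -ErrorAction Stop)
    }
    catch {
        # Surface the failure instead of hiding it; skip this device only.
        Write-Warning ("AD lookup failed for {0}: {1}" -f $name, $_.Exception.Message)
        continue
    }

    if ($pc.Count -eq 0) {
        Write-Host ("Device {0} not found in AD" -f $name) -ForegroundColor Red
        continue
    }
    if ($pc.Count -gt 1) {
        # CN is only unique per container; refuse to guess which object is meant.
        Write-Warning ("Device {0}: {1} enabled AD computers share this name under {2}; skipping" -f $name, $pc.Count, $path)
        continue
    }
    $computer = $pc[0]

    # Owner = value of the first RDN of the ManagedBy DN. The split ignores
    # escaped commas (CN=Doe\, Jane,OU=...), which the original IndexOf(",")
    # parsing truncated. Left as $null when ManagedBy is not set.
    $manager = $null
    if ($computer.ManagedBy) {
        $manager = ($computer.ManagedBy -split '(?<!\\),')[0] -replace '^[^=]+=', ''
    }

    # lastLogon is not replicated between DCs, so this reflects only the DC the
    # query hit; LastLogonDate (lastLogonTimestamp) is replicated but coarser.
    # Kept as lastLogon to match the original. A missing/zero value is written as
    # $null rather than the 1601-01-01 epoch that FromFileTime(0) would produce.
    # The string format follows the runner's culture, as in the original.
    $lastLogon = $null
    if ($computer.lastLogon) {
        $lastLogon = ([DateTime]::FromFileTime($computer.lastLogon)).ToString()
    }

    $Attributes = @{
        "extensionAttributes" = @{
            "extensionAttribute1" = $computer.DistinguishedName
            "extensionAttribute2" = $computer.Description
            "extensionAttribute3" = $manager
            "extensionAttribute4" = $lastLogon
            "extensionAttribute5" = $computer.OperatingSystem
            "extensionAttribute6" = $computer.OperatingSystemVersion
        }
    } | ConvertTo-Json -Depth 3

    if ($DryRun) {
        Write-Host ("[DryRun] Would update {0} ({1}) with: {2}" -f $name, $Device.Id, $Attributes)
        continue
    }

    Write-Host ("Updating device {0} extension attributes" -f $name) -ForegroundColor Green
    try {
        Update-MgDevice -DeviceId $Device.Id -BodyParameter $Attributes -ErrorAction Stop
    }
    catch {
        # Report and keep going; one failed write should not stop the run.
        Write-Warning ("Update failed for {0} ({1}): {2}" -f $name, $Device.Id, $_.Exception.Message)
    }
}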
Hopefully ADConnect will be updated to sync the attributes in the future and then this script will no longer be required.