Ash3060

Reputation: 340

ACTIVE DIRECTORY USERS AND GROUP INFO

I am looking to get all details of object ID and display name present in my Azure Active Directory. I know we can get the display name from the ID using PowerShell.

I am looking for a way to grab all details which are available. Is there any Python/PowerShell way to achieve this?

Upvotes: 1

Views: 192

Answers (2)

Ken W - Zero Networks

Reputation: 3824

Here is how you can do it in PowerShell using the Microsoft Graph. You will need to set up an App Registration with at least Directory.Read.All for Microsoft Graph.


$TenantId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$ClientId = "xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx"
$ClientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"


$logonURI = "login.microsoftonline.com" #Azure GCC-H: "login.microsoftonline.us"
$graphURI = "graph.microsoft.com" #Azure GCC-H: "graph.microsoft.us"

# Create a hashtable for the body, the data needed for the token request
# The variables used are explained above

$Body = @{
    'tenant' = $TenantId
    'client_id' = $ClientId
    'scope' = "https://{0}/.default" -f $graphURI
    'client_secret' = $ClientSecret
    'grant_type' = 'client_credentials'
}

# Assemble a hashtable for splatting parameters, for readability
# The tenant id is used in the uri of the request as well as the body
$Params = @{
    'Uri' = "https://{0}/$TenantId/oauth2/v2.0/token" -f $logonURI
    'Method' = 'Post'
    'Body' = $Body
    'ContentType' = 'application/x-www-form-urlencoded'
}

$AuthResponse = Invoke-RestMethod @Params


$Headers = @{
    'Authorization' = "Bearer $($AuthResponse.access_token)"
}

# 1.    List all Users

$usrURI = "https://{0}/v1.0/users" -f $graphURI
$usrResult = Invoke-RestMethod -Uri $usrURI -Headers $Headers

$Users = $usrResult.value
while ($usrResult.'@odata.nextLink') {
    Write-Host "Getting another page of 100 users..."
    $usrResult = Invoke-RestMethod -Uri $usrResult.'@odata.nextLink' -Headers $Headers
    $Users += $usrResult.value
}

foreach ($user in $Users)
{

 $user
}

Upvotes: 1

Pavan Chandaka

Reputation: 12821

Once you know the display name, maybe you can filter on it, as described in the Microsoft documentation, for all other details.

Example from the documentation:

PS C:\Windows\system32> Get-AzureADGroup -Filter "DisplayName eq 'The Display Name'"

Which gives all the details below (copied from the Microsoft documentation link):

https://learn.microsoft.com/en-ca/azure/active-directory/enterprise-users/groups-settings-v2-cmdlets

DeletionTimeStamp            :
ObjectId                     : 31f1ff6c-d48c-4f8a-b2e1-abca7fd399df
ObjectType                   : Group
Description                  : Intune Device Administrators
DirSyncEnabled               :
DisplayName                  : Intune Administrators
LastDirSyncTime              :
Mail                         :
MailEnabled                  : False
MailNickName                 : 4dd067a0-6515-4f23-968a-cc2ffc2eff5c
OnPremisesSecurityIdentifier :
ProvisioningErrors           : {}
ProxyAddresses               : {}
SecurityEnabled              : True

Upvotes: 0
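
The same Graph enumeration in Python, covering both users and groups, as an added example that is not part of either answer above. It follows `@odata.nextLink` paging, requests only `id` and `displayName`, reads the app credentials from environment variables (the names `AZ_TENANT_ID`, `AZ_CLIENT_ID` and `AZ_CLIENT_SECRET` are assumptions) instead of hard-coding them, and refuses to send the bearer token to any host other than the Graph endpoint.

```python
import json
import os
import urllib.parse
import urllib.request

LOGIN_HOST = "login.microsoftonline.com"  # Azure GCC-H: login.microsoftonline.us
GRAPH_HOST = "graph.microsoft.com"        # Azure GCC-H: graph.microsoft.us

def get_token(tenant_id, client_id, client_secret):
    """Client-credentials token request, the same flow as the PowerShell answer."""
    body = urllib.parse.urlencode({
        "client_id": client_id,
        "client_secret": client_secret,
        "scope": f"https://{GRAPH_HOST}/.default",
        "grant_type": "client_credentials",
    }).encode()
    url = f"https://{LOGIN_HOST}/{tenant_id}/oauth2/v2.0/token"
    with urllib.request.urlopen(urllib.request.Request(url, data=body), timeout=30) as resp:
        return json.load(resp)["access_token"]

def http_get_json(url, token):
    """GET a Graph URL with the bearer token and decode the JSON body."""
    req = urllib.request.Request(url, headers={"Authorization": f"Bearer {token}"})
    with urllib.request.urlopen(req, timeout=30) as resp:
        return json.load(resp)

def list_objects(resource, token, fetch=http_get_json):
    """Return [(id, displayName), ...] for 'users' or 'groups', following paging."""
    url = f"https://{GRAPH_HOST}/v1.0/{resource}?$select=id,displayName"
    found = []
    while url:
        parts = urllib.parse.urlsplit(url)
        # Only ever send the bearer token to the Graph host, over HTTPS.
        if parts.scheme != "https" or parts.hostname != GRAPH_HOST:
            raise ValueError(f"refusing to follow link to {parts.hostname!r}")
        page = fetch(url, token)
        found += [(o["id"], o.get("displayName")) for o in page.get("value", [])]
        url = page.get("@odata.nextLink")  # absent on the last page
    return found

if __name__ == "__main__":
    # Environment variable names are assumptions made for this example.
    tok = get_token(os.environ["AZ_TENANT_ID"], os.environ["AZ_CLIENT_ID"],
                    os.environ["AZ_CLIENT_SECRET"])
    for kind in ("users", "groups"):
        for obj_id, name in list_objects(kind, tok):
            print(kind, obj_id, name)
```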
