ACTIVE DIRECTORY USERS AND GROUP INFO

Time:12-08

I am looking to get all details of object ID and display name present in my Azure Active Directory. I know we can get the display name using the ID using [image]

$TenantId = "xxxxxxxx-xxxx-xxxx-xxxx--xxxxxxxxxxxx"
$ClientId = "xxxxxxxx-xxxx-xxxx-xxxx--xxxxxxxxxxxx"
$ClientSecret = "xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx"


$logonURI = "login.microsoftonline.com" #Azure GCC-H: "login.microsoftonline.us"
$graphURI = "graph.microsoft.com" #Azure GCC-H: "graph.microsoft.us"

# Create a hashtable for the body, the data needed for the token request
# The variables used are explained above

$Body = @{
    'tenant' = $TenantId
    'client_id' = $ClientId
    'scope' = "https://{0}/.default" -f $graphURI
    'client_secret' = $ClientSecret
    'grant_type' = 'client_credentials'
}

# Assemble a hashtable for splatting parameters, for readability
# The tenant id is used in the uri of the request as well as the body
$Params = @{
    'Uri' = "https://{0}/$TenantId/oauth2/v2.0/token" -f $logonURI
    'Method' = 'Post'
    'Body' = $Body
    'ContentType' = 'application/x-www-form-urlencoded'
}

$AuthResponse = Invoke-RestMethod @Params


$Headers = @{
    'Authorization' = "Bearer $($AuthResponse.access_token)"
}

# 1.    List all Users

$usrURI = "https://{0}/v1.0/users" -f $graphURI
$usrResult = Invoke-RestMethod -Uri $usrURI -Headers $Headers

$Users = $usrResult.value
while ($usrResult.'@odata.nextLink') {
    Write-Host "Getting another page of 100 users..."
    $usrResult = Invoke-RestMethod -Uri $usrResult.'@odata.nextLink' -Headers $Headers
    # Append each page; a plain assignment would discard the users already collected
    $Users += $usrResult.value
}

foreach ($user in $Users)
{

 $user
}

CodePudding user response:

Once you know the display name, maybe you can filter on it as described in the Microsoft documentation for all other details.

Example from the documentation:

PS C:\Windows\system32> Get-AzureADGroup -Filter "DisplayName eq 'The Display Name'"

Which gives all the details below (copied from the Microsoft documentation link):

https://docs.microsoft.com/en-ca/azure/active-directory/enterprise-users/groups-settings-v2-cmdlets

DeletionTimeStamp            :
ObjectId                     : 31f1ff6c-d48c-4f8a-b2e1-abca7fd399df
ObjectType                   : Group
Description                  : Intune Device Administrators
DirSyncEnabled               :
DisplayName                  : Intune Administrators
LastDirSyncTime              :
Mail                         :
MailEnabled                  : False
MailNickName                 : 4dd067a0-6515-4f23-968a-cc2ffc2eff5c
OnPremisesSecurityIdentifier :
ProvisioningErrors           : {}
ProxyAddresses               : {}
SecurityEnabled              : True
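
As an added example (not part of the original question or answer), the paging loop from the question can be written as a reusable function that keeps only the object ID and display name and refuses to send the bearer token anywhere but the expected Graph host over HTTPS. The function name `Get-GraphIdAndName`, the `-Fetch` parameter and the two sample pages are assumptions made for illustration, so the paging logic can be run offline.

```powershell
# Added example: page through a Graph collection and keep only id + displayName.
function Get-GraphIdAndName {
    param(
        [Parameter(Mandatory)] [string]    $Uri,
        [Parameter(Mandatory)] [hashtable] $Headers,
        [string] $GraphHost = 'graph.microsoft.com',   # Azure GCC-H: 'graph.microsoft.us'
        # Assumption: injectable fetcher so the paging logic can be exercised offline
        [scriptblock] $Fetch = { param($u, $h) Invoke-RestMethod -Uri $u -Headers $h -Method Get }
    )
    $items = [System.Collections.Generic.List[object]]::new()
    $next  = $Uri
    while ($next) {
        # Only send the bearer token over HTTPS to the expected Graph host
        $target = [uri]$next
        if ($target.Scheme -ne 'https' -or $target.Host -ne $GraphHost) {
            throw "Refusing to send the access token to unexpected URI: $next"
        }
        $page = & $Fetch $next $Headers
        foreach ($o in $page.value) {
            # Append (do not overwrite) so earlier pages are kept
            $items.Add([pscustomobject]@{ ObjectId = $o.id; DisplayName = $o.displayName })
        }
        $next = $page.'@odata.nextLink'   # absent on the last page, which ends the loop
    }
    $items
}

# Constructed two-page response (sample data, not real directory objects)
$first  = 'https://graph.microsoft.com/v1.0/users?$select=id,displayName'
$second = 'https://graph.microsoft.com/v1.0/users?$skiptoken=constructed'
$pages = @{
    $first  = [pscustomobject]@{
        value = @([pscustomobject]@{ id = '00000000-0000-0000-0000-000000000001'; displayName = 'Sample User A' })
        '@odata.nextLink' = $second
    }
    $second = [pscustomobject]@{
        value = @([pscustomobject]@{ id = '00000000-0000-0000-0000-000000000002'; displayName = 'Sample User B' })
    }
}
$offline = { param($u, $h) $pages[$u] }
Get-GraphIdAndName -Uri $first -Headers @{ Authorization = 'Bearer constructed' } -Fetch $offline

# Against a real tenant, reuse $Headers from the token request and drop -Fetch:
#   Get-GraphIdAndName -Uri 'https://graph.microsoft.com/v1.0/users?$select=id,displayName'  -Headers $Headers
#   Get-GraphIdAndName -Uri 'https://graph.microsoft.com/v1.0/groups?$select=id,displayName' -Headers $Headers
```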