I am trying to get the user name and the employee ID from Azure Active Directory, but I keep getting a can not match parameter error. See the attached image.
Get-AzADUser -UserPrincipalName $.UserPrincipalName -EmployeeID $.EmployeeID
Parameter Error
I wasn't able to get the employeeId using AdditionalProperties.
Quickest way for me is using the azuread module, as employeeId is not a standard property but and extension, you can get that info using the following command:
get-azureaduser -objectid user#domain | get-azureaduserextension
[1]:Example https://i.stack.imgur.com/uAxz7.png
Also I recommend using graph API to get info from AAD.
https://devblogs.microsoft.com/premier-developer/getting-started-with-graph-api-and-graph-explorer/?msclkid=249a6a28ae7311ec958ae49c7dc811e2
BR
As there is no parameter called EmployeeId in the get-azaduser that's why it gives you the error . The employee Id is stored inside the additional properties.
So if you want to get the AD users name and employee ID you can use the below command :
Get-AzADUser | Select-Object UserprincipalName , #{N="EmployeeId";E={$_.AdditionalProperties["employeeId"]} }
Output:
I needed to grab this attribute and finally got it working:
$user = Get-AzureADUser -SearchString $displayName
$empID = $user.ExtensionProperty.employeeId
I have tried the below and it worked for me.
Get-AzureADUser -top 70000 | ? {$_.AccountEnabled -like $true -and $_.userType -like "Member" -and $_.ExtensionProperty.employeeId -notlike $null } |
select DisplayName,AccountEnabled,Userprincipalname,usertype,#{N="EmployeeID";E={$_.ExtensionProperty.employeeId}}
Related
Is there a way to fetch all details of routing from each subscription with Route-Table Name, subscriptions, next hop type address prefix.
I have tried 'Get-AzRouteTable -ResourceGroupName "" -Name "prod" | Get-AzRouteConfig | Export-Csv azureroutetable2.csv' but getting only from specific environment, is there a better way to do the same?
Regards
Devbrat
According to the help for Get-AzRouteTable it doesn't require any value to be specified for ResourceGroupName so we should just be able to loop through your available contexts. If you did have a large Azure Network infrastructure and they were logically organised by Resource Group, you may want to consider looping through Resource Groups too.
That being said, you can do something like this. It will create a csv for each subscription in your current session. Change the . at the beginning of the path value to set a full path if you would like.
$Contexts = Get-AzContext -ListAvailable
foreach ($Context in $Contexts) {
[void](Set-AzContext -SubscriptionId $Context.Subscription.Id)
$RouteConfig = Get-AzRouteTable -Name "prod" | Get-AzRouteConfig
# If you are using PowerShell 5.1, add '-NoTypeInformation' to the end of this command.
$RouteConfig | Export-Csv -Path ".\$($Context.Subscription.Name)_Routes.csv" -Encoding utf8 -NoClobber
}
We have a command to get all the subscriptions Get-AzSubscription | Set-Azcontext and set for that to work with multiple subscription. How do we fetch specific subscriptions from Get-AzSubscription and pass it for Set-Azcontext.
In order to do that I have tried below :
I have tried something $subscription = Get-AzSubscription -TenantId "tenant id" | where-object{$_.Name -like 'required name*'}
$subscription | Set-AzContext
Is there any better way to do the same?
Regards
Deb
There is nothing wrong with your method as long as:
You can easily write the filter clause to include all the required subscriptions. If there is no consistent naming scheme you might end up with lots of ... -or ... -or ... clauses which is messy.
You are happy that your script will automatically start to act on any new subscriptions added to your tenancy which match your filter clause.
If however:
You don't have good naming scheme so it's difficult to write a simple filter.
The script must act only on the specified subscriptions.
Then you could do this:
$subs = #('Sub 1','Live Sub','2 Test','Deb')
$subs | get-azsubscription -SubscriptionName {$_} | set-azcontext
You can use the following command to select the particular subscription you want to use :
Select-AzureRmSubscription -SubscriptionId xxxxx-xxxxx-xxxxxx-xxxx
https://learn.microsoft.com/en-us/graph/api/reportroot-getsharepointactivityuserdetail?view=graph-rest-1.0
Who to get user info from the User Principal Name(GUID) returns in getSharePointActivityUserDetail api
Result sample
As far as I understand (the question and the doc), the GUID is a global and unique ID for all SharePoint users.
You can found a PowerShell command here that could help you to get the user names from the guid:
Add-PSSnapin "Microsoft.SharePoint.PowerShell"
Get-SPSite http://win-pfcp2dgt8di/sites/EnjoySharePoint/ | Get-SPWeb -Limit ALL | %{$_.Lists} |?{$_.ID –eq "B13CC473-6187-4478-A0DD-853E83AA6F9D"} |ft Title, ParentWebURL, RootFolder
I'm trying to update AzureADGroupMember for multiple users in a CSV File by UPN.
This is what I've came across and attempted:
$users = Import-csv "C:\Temp\testgroup2.csv"
$users | ForEach-Object{
Add-AzureGroupADGroupMember -ObjectId xcv9890-stest999-xcvxc234-xcv2342324
-RefObjectId (Get-AzureADUser -ObjectId $_.UPN).ObjectId
}
I get the following 2 errors.
Import-csv : The member "Role" is already present.
At line:1 char:10
Get-AzureADUser : Cannot bind argument to parameter 'ObjectId' because it
is null.
At line:4 char:120
Any idea why this keeps happening? I would really appreciate the help.
Thank you,
Well, since you did not provide the .csv file, I can just give you a solution that works on my side.
First, let's check the two errors.
Import-csv : The member "Role" is already present.
I can reproduce this issue, this means your .csv file has two columns header 'Role', just modify it into a correct format.
Get-AzureADUser : Cannot bind argument to parameter 'ObjectId' because it
is null.
This means this part $_.UPN is null, this may be caused by the first error.
My sample:
testgroup.csv
UPN,Role
leeliu#xxxxxx.onmicrosoft.com,role1
test#xxxxxx.onmicrosoft.com,role2
script (you should use Add-AzureADGroupMember, not Add-AzureGroupADGroupMember):
$users = Import-csv "C:\Users\joyw\Desktop\testgroup.csv"
$users | ForEach-Object{
Add-AzureADGroupMember -ObjectId 9d42xxxxxx28b600ad -RefObjectId (Get-AzureADUser -ObjectId $_.UPN).ObjectId
}
Note: Before running the script, you need to make sure the users are not already in the group, otherwise you will get a One or more added object references already exist for the following modified properties: 'members' error.
I have a directory that has about 200k users in it. I need to pull back all the users that came from on-prem AD. This of course would exclude the multiple source guest users. I have to use source because not all users have a usertype.
If there was a way to search Department not equal to null that would work as well, but it doesn't appear to be part of the odata filter standard.
Get-AzureADUser -Filter "Department eq ''" | select DisplayName,`
UserPrincipalName,Mail,creationType,AccountEnabled,Department
To get users that come from on-prem AD you could do something like this
Get-AzureADUser -Filter "dirSyncEnabled eq true"
For selecting only a few, other operators like top can be used as well.. e.g.
Get-AzureADUser -top 5 -Filter "dirSyncEnabled eq true"
To get all users one shot you can do
Get-AzureADUser -All $true -Filter "dirSyncEnabled eq true"
or
Get-AzureADUser -all $true | where-object -property DirSyncEnabled -eq "True"