MS Graph API

• Install
• Connect
• Users
  • Permissions
  • Properties Array
  • Get users

Install

Install-Module Microsoft.Graph -Scope AllUsers -Repository PSGallery -Force

Connect

Connect-MgGraph -Scopes 'User.Read.All'

Users

Permissions

> (Find-MgGraphCommand -command Get-MgUser | Select -First 1 -ExpandProperty Permissions).name
User.ReadBasic.All
User.ReadWrite
User.Read
Directory.Read.All
DeviceManagementServiceConfig.ReadWrite.All
DeviceManagementServiceConfig.Read.All
DeviceManagementManagedDevices.ReadWrite.All
DeviceManagementManagedDevices.Read.All
DeviceManagementApps.ReadWrite.All
User.ReadWrite.All
User.Read.All
Directory.ReadWrite.All
DeviceManagementConfiguration.ReadWrite.All
DeviceManagementConfiguration.Read.All
DeviceManagementApps.Read.All

Properties Array

# Set the properties to retrieve
$properties = @(
        'id',
        'DisplayName',
        'userprincipalname',
        'mail',
        'jobtitle',
        'department',
        'OfficeLocation',
        'MobilePhone',
        'BusinessPhones',
        'streetAddress',
        'city',
        'postalcode',
        'state',
        'country',
        'PreferredDataLocation',
        'UsageLocation',
        'employeeType',
        'EmployeeId',
        'OnPremisesDistinguishedName',
        'OnPremisesDomainName',
        'OnPremisesExtensionAttributes',
        'OnPremisesImmutableId',
        'OnPremisesLastSyncDateTime',
        'OnPremisesProvisioningErrors',
        'OnPremisesSamAccountName',
        'OnPremisesSecurityIdentifier',
        'OnPremisesSyncEnabled',
        'OnPremisesUserPrincipalName',
        #'SignInActivity',  # comment in if you have AuditLog.Read.All permissions
        'manager',
        'proxyAddresses',
        'AccountEnabled',
        'CreatedDateTime' 
       )

Get users

> $all = Get-MgUser -all -property $properties

> $all.count
19072