Get all users from a domain

Naoufel OULD LACHHAB 20 Reputation points
2024-06-27T08:51:35.35+00:00

Hello,

How to get all users in domain with MS Graph?

thank you

Active Directory
A set of directory-based technologies included in Windows Server.

Accepted answer
  1. Andy David - MVP 149.5K Reputation points MVP
    2024-06-27T10:59:32.3866667+00:00

    Create a role-assignable group, add the required members and assign to the role needed and assign the license to that:

    https://learn.microsoft.com/en-us/entra/id-governance/privileged-identity-management/groups-assign-member-owner

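The group-based approach from the accepted answer, written out with the Microsoft Graph PowerShell SDK. This is an added example, not code from the answer or from the linked documentation; the group name, member UPN, the `AAD_PREMIUM_P2` SKU part number, the role name (taken from the other answer) and the requested scopes are assumptions to adapt to your tenant.

```powershell
# Added example. Assumptions: group name, member UPNs, role name, SKU part number, scopes.
# Requires the Microsoft.Graph PowerShell SDK and an account allowed to create
# role-assignable groups and assign licenses.
Connect-MgGraph -Scopes 'Group.ReadWrite.All', 'RoleManagement.ReadWrite.Directory',
                        'User.Read.All', 'Organization.Read.All'

$groupName  = 'PIM-Privileged-Admins'           # hypothetical name
$memberUpns = @('admin1@contoso.example')       # constructed sample value
$roleName   = 'Privileged Role Administrator'   # role used in the other answer
$skuPart    = 'AAD_PREMIUM_P2'                  # assumed part number of the P2 SKU

# 1. Resolve the SKU; stop if the tenant does not own it or lacks free seats.
$sku = Get-MgSubscribedSku -All | Where-Object SkuPartNumber -eq $skuPart
if (-not $sku) { throw "SKU $skuPart not found in this tenant." }
$free = $sku.PrepaidUnits.Enabled - $sku.ConsumedUnits
if ($free -lt $memberUpns.Count) { throw "Only $free free $skuPart seats." }

# 2. Create the role-assignable group (the flag can only be set at creation).
$group = New-MgGroup -DisplayName $groupName -MailNickname $groupName `
    -MailEnabled:$false -SecurityEnabled -IsAssignableToRole

# 3. Add members. A user needs a UsageLocation before a license can apply.
foreach ($upn in $memberUpns) {
    $user = Get-MgUser -UserId $upn -Property Id, UsageLocation
    if (-not $user.UsageLocation) {
        Write-Warning "$upn has no UsageLocation; the license will not apply."
    }
    New-MgGroupMember -GroupId $group.Id -DirectoryObjectId $user.Id
}

# 4. Assign the directory role to the group (active assignment, tenant scope).
$role = Get-MgRoleManagementDirectoryRoleDefinition -Filter "displayName eq '$roleName'"
New-MgRoleManagementDirectoryRoleAssignment -PrincipalId $group.Id `
    -RoleDefinitionId $role.Id -DirectoryScopeId '/'

# 5. Assign the license to the group; members inherit it.
Set-MgGroupLicense -GroupId $group.Id -AddLicenses @(@{ SkuId = $sku.SkuId }) -RemoveLicenses @()
```

Step 4 creates an active assignment; to make the role eligible through PIM instead, configure it as described in the linked article. Membership of this group grants the role, so restrict who can own or manage it.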

1 additional answer

  1. Deepanshukatara-6769 10,690 Reputation points
    2024-06-27T09:11:41.1666667+00:00

    To dynamically assign P2 licenses for users assigned to Privileged Identity Management (PIM)

    You can assign licenses through PowerShell.

    To automate license assignment using PowerShell for users assigned to Privileged Identity Management (PIM), you can follow these steps:

    Prerequisites

    1. Azure AD Module: Ensure you have the Azure AD PowerShell module installed.
    2. Permissions: Ensure you have the necessary permissions to assign licenses.

    Install Azure AD Module:
      Install-Module AzureAD

    Connect to Azure AD:
      Connect-AzureAD

    Get PIM Users:
      $pimRole = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Privileged Role Administrator" }
      $pimUsers = Get-AzureADDirectoryRoleMember -ObjectId $pimRole.ObjectId | Where-Object ObjectType -eq 'User'

    Assign P2 License:
      $licenseSku = "ENTERPRISEPREMIUM"  # Replace with the actual SKU ID for P2 license
      $license = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
      $license.SkuId = $licenseSku
      $licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses  # type the cmdlet expects
      $licenses.AddLicenses = $license
      foreach ($user in $pimUsers) {
          Set-AzureADUserLicense -ObjectId $user.ObjectId -AssignedLicenses $licenses
      }

    Complete Script
    
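      # Define variables
      $licenseSku = "ENTERPRISEPREMIUM"  # Replace with the actual SKU ID for P2 license

      # Install Azure AD Module if not already installed
      if (-not (Get-Module -ListAvailable -Name AzureAD)) {
          Install-Module AzureAD -Force
      }

      # Connect to Azure AD
      Connect-AzureAD

      # Get PIM Users (role members can include non-user objects, which cannot be licensed)
      $pimRole = Get-AzureADDirectoryRole | Where-Object { $_.DisplayName -eq "Privileged Role Administrator" }
      $pimUsers = Get-AzureADDirectoryRoleMember -ObjectId $pimRole.ObjectId | Where-Object ObjectType -eq 'User'

      # Build the AssignedLicenses object that Set-AzureADUserLicense expects
      $license = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicense
      $license.SkuId = $licenseSku
      $licenses = New-Object -TypeName Microsoft.Open.AzureAD.Model.AssignedLicenses
      $licenses.AddLicenses = $license

      # Assign P2 License to each PIM user
      foreach ($user in $pimUsers) {
          Set-AzureADUserLicense -ObjectId $user.ObjectId -AssignedLicenses $licenses
      }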

    Steps to Run the Script

    1. Replace the placeholder ENTERPRISEPREMIUM with the actual SKU ID for the P2 license.
    2. Save the script to a .ps1 file.
    3. Open PowerShell and run the script.

    Documentation References

    By using this script, you can automate the assignment of P2 licenses to users assigned to PIM roles.

    Kindly accept answer if it helps

    Please let me know if any further questions

    Thanks

    Deepanshu

