fetch information from AzureAD

Question

fetch information from AzureAD

Glenn Maxwell 12,876

Hi All,

I have two questions related to Object IDs:

I want to export all my users' Object IDs from Azure AD for regular users(regular mailboxes) using PowerShell and export them to csv file. OR, I want to export Object IDs for all users in Azure AD who have a Microsoft 365 E3 license assigned. Please guide me on how to fetch this information using PowerShell syntax.
If I need to fetch the above information using an Azure Service Principal (i.e., App Registration), what API permissions are required? Please guide me.

Anonymous

2024-11-28T09:07:23.9033333+00:00

Hello, @Glenn Maxwell

It's been a long time since I've heard from you, have you solved your problem yet? Did my previous reply help you？ If it was useful, you can mark it as an answer. Thank you for your understanding and support.

Accepted answer

0 additional answers

Your answer

Anonymous

2024-11-28T09:07:23.9033333+00:00

Hello, @Glenn Maxwell

It's been a long time since I've heard from you, have you solved your problem yet? Did my previous reply help you？ If it was useful, you can mark it as an answer. Thank you for your understanding and support.

Answer 1

Lakshan Umesh 181 MVP

In answer to your first question, you can try below,

$license = Get-AzADSubscribedSku | Where-Object {$_.SkuPartNumber -eq "ENTERPRISEPACK"}

Get-AzADUser -Filter "AssignedLicenses/any(x:x/SkuId eq '$($license.SkuId)')" | Select-Object DisplayName, UserPrincipalName, ObjectId | Export-Csv -Path "C:\E3LicensedUsers.csv" -NoTypeInformation -Encoding UTF8

You need to grant "User.Read.All" Delegated Permission and "User.Read.All", "Directory.Read.All" Application permissions to achieve this using Azure PowerShell principle.

Connect-MgGraph -ClientId "<ClientId>" -TenantId "<TenantId>" -CertificateThumbprint "<Thumbprint>"

Get-MgUser -All -Filter "AssignedLicenses/any(x:x/SkuId eq 'ENTERPRISEPACK')" | Select-Object DisplayName, UserPrincipalName, Id | Export-Csv -Path "C:\SPLicensedUsers.csv" -NoTypeInformation -Encoding UTF8

If you find my response helpful, please consider accepting this answer and voting yes to support the community. Thank you!

Glenn Maxwell 12,876

I am getting below error.

Az.MSGraph.internal\Get-AzADUser : Invalid filter clause: A binary operator with incompatible types was detected. Found operand types 'Edm.Guid' and 'Edm.String' for operator kind 'Equal'. 
At C:\Program Files\WindowsPowerShell\Modules\Az.Resources\7.7.0\MSGraph.Autorest\custom\Get-AzADUser.ps1:212 char:9
+         Az.MSGraph.internal\Get-AzADUser @PSBoundParameters
+         ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    + CategoryInfo          : InvalidOperation: ({ }:<>f__AnonymousType1) [Get-AzADUser_List], Exception
    + FullyQualifiedErrorId : BadRequest,Microsoft.Azure.PowerShell.Cmdlets.Resources.MSGraph.Cmdlets.GetAzADUser_List

Anonymous

2024-11-26T06:36:49.0433333+00:00
Hi，@Glenn Maxwell

The error message you are encountering indicates that there is a type mismatch in the filter expression used in the Get-AzADUser cmdlet. The AssignedLicenses property expects a GUID (Globally Unique Identifier), but it seems that the filter is passing a string instead.

$license = Get-AzADSubscribedSku | Where-Object {$_.SkuPartNumber -eq "ENTERPRISEPACK"} $guidSkuId = [Guid]$license.SkuId Get-AzADUser -Filter "AssignedLicenses/any(x:x/SkuId eq $guidSkuId)" | Select-Object DisplayName, UserPrincipalName, ObjectId | Export-Csv -Path "C:\E3LicensedUsers.csv" -NoTypeInformation -Encoding UTF8

If my answer is helpful to you, please mark it as the answer so that other users can refer to it. Thank you for your support and understanding.

Share via

fetch information from AzureAD

0 additional answers

Your answer