Powershell CustomSecurityAttributes

Question

Hi

I am looking for a way to retrieve all users from Azure AD with a "Custom Security Attribute" that matches a value and then return only the users assigned to that specific value and output to Excel or CSV using PowerShell.

Or better yet.
Output all users with Custom Security Attributes with all Values to Excel. Then I can filter within excel.

ie: Attribute Set = Product
Attribute Name = Product Name
Value = Shoe Size

I can filter it in Azure Portal but looking to do this via Powershell.

Any help will be appreciated.

I am halfway there or maybe just a smidge.
Get-AzureADMSUser -Id xxxx.xxxx.xxxxx.xxxxx -Select CustomSecurityAttributes

The above only outputs the Attribute set only linked to specific user. Hence I am looking to do all users but also output the Value not just the Attribute set.

Answer 1

Hi @Gerhard De Villiers-Mohr

You can use the Module AzureAD

Install-Module AzureAD # As Admin  

And the connect to AzureAD

Connect-AzureAD  

After that you can select various attributes, Ex:

Get-AzureADUser | select UserPrincipalName,usertype  

In this example, the command retrieves the UPN and the user type. You can choose any attribute that you requiere.

Hope this helps,
Carlos Solís Salazar

----------

Please "Accept as Answer" and Upvote if any of the above helped so that, it can help others in the community looking for remediation for similar issues.

Answer 2

Hi @Gerhard De Villiers-Mohr ,

Thanks for reaching out.

You may need to use -All $true along with Get-AzureADUser cmdlet as shown below, otherwise the cmdlet will return just the top 100 users. Hope this helps.

Get-AzureADUser -All $true | select UserPrincipalName, CustomSecurityAttributes