Get-AzureADMSRoleDefinition
This article provides migration details from Get-AzureADMSRoleDefinition command to Microsoft Graph PowerShell.
Summary
- Azure AD Command: Get-AzureADMSRoleDefinition
- Azure AD Module: AzureAD
- Microsoft Graph Command: Get-MgRoleManagementDirectoryRoleDefinition (Community Examples)
- Graph Module: Microsoft.Graph.Identity.Governance
- Graph Endpoint: GET /roleManagement/directory/roleDefinitions | /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
Permissions
For the directory (Microsoft Entra ID) provider
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
| Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
For the entitlement management provider
| Permission type | Permissions (from least to most privileged) |
|---|---|
| Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
| Delegated (personal Microsoft account) | Not supported. |
View more details on permissions.
Property Mapping
| Azure AD Name | Microsoft Graph Name |
|---|---|
| All | All |
| Filter | Filter |
| ObjectId | UnifiedRoleDefinitionId |
| SearchString | NA |
| Top | Top |
Feedback
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see: https://aka.ms/ContentUserFeedback.
Submit and view feedback for