Get-AzureADMSRoleDefinition
This article provides migration details from Get-AzureADMSRoleDefinition command to Microsoft Graph PowerShell.
Summary
- Azure AD Command: Get-AzureADMSRoleDefinition
- Azure AD Module: AzureAD
- Microsoft Graph Command: Get-MgRoleManagementDirectoryRoleDefinition (Community Examples)
- Graph Module: Microsoft.Graph.Identity.Governance
- Graph Endpoint: GET /roleManagement/directory/roleDefinitions | /roleManagement/directory/roleDefinitions/{unifiedRoleDefinition-id}
Permissions
For the directory (Microsoft Entra ID) provider
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
Application | RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All |
For the entitlement management provider
Permission type | Permissions (from least to most privileged) |
---|---|
Delegated (work or school account) | EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All |
Delegated (personal Microsoft account) | Not supported. |
View more details on permissions.
Property Mapping
Azure AD Name | Microsoft Graph Name |
---|---|
All | All |
Filter | Filter |
ObjectId | UnifiedRoleDefinitionId |
SearchString | NA |
Top | Top |
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for