Get-EntraDirectoryRole
Gets a directory role.
Syntax
Get-EntraDirectoryRole
[-Filter <String>]
[-Property <String[]>]
[<CommonParameters>]
Get-EntraDirectoryRole
-ObjectId <String>
[-Property <String[]>]
[<CommonParameters>]
Description
The Get-EntraDirectoryRole
cmdlet gets a directory role from Microsoft Entra ID.
Examples
Example 1: Get a directory role by ID
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -ObjectId '019ea7a2-1613-47c9-81cb-20ba35b1ae48'
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.
This command gets the specified directory role.
Example 2: Get all directory roles
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.
2b3a80bc-51a4-476d-8e09-cd8b6cdde5ea Directory Writers Allows access read tasks and a subset of write tasks in the directory.
526b7173-5a6e-49dc-88ec-b677a9093709 User Account Administrator User Account Administrator has access to perform common user management related tasks.
542f5aef-b23f-4e34-a838-6f2b9205b3d6 Directory Synchronization Accounts Directory Synchronization Accounts
68239fa3-6b01-4396-aeb4-6af38a1b6abf Directory Readers Allows access to various read only tasks in the directory.
8c6a5c45-e93e-4f2b-81be-b57ad4c43ddd Privileged Role Administrator Privileged Role Administrator has access to perform common role management related tasks.
8f8a1cf4-d535-4ccd-8552-7267c7ee0a88 Helpdesk Administrator Helpdesk Administrator has access to perform common helpdesk related tasks.
b89a48d4-7595-48d0-bb36-69fe4b220668 Device Administrators Device Administrators
d96eb2b3-0970-4827-8f26-6008efd86511 Security Administrator Security Administrator allows ability to read and manage security configuration and reports.
This command gets all the directory roles.
Example 3: Get a directory role filter by ObjectId
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -Filter "ObjectId eq '019ea7a2-1613-47c9-81cb-20ba35b1ae48'"
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.
This command gets the directory role by ObjectId.
Example 4: Get a directory role filter by displayName
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -Filter "displayName eq 'Company Administrator'"
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.
This command gets the directory role by display name.
Parameters
-Filter
The oData v3.0 filter statement. Controls which objects are returned.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-ObjectId
Specifies the ID of a directory role in Microsoft Entra ID.
Type: | System.String |
Position: | Named |
Default value: | None |
Required: | True |
Accept pipeline input: | True |
Accept wildcard characters: | False |
-Property
Specifies properties to be returned
Type: | System.String[] |
Position: | Named |
Default value: | None |
Required: | False |
Accept pipeline input: | False |
Accept wildcard characters: | False |
Related Links
Feedback
https://aka.ms/ContentUserFeedback.
Coming soon: Throughout 2024 we will be phasing out GitHub Issues as the feedback mechanism for content and replacing it with a new feedback system. For more information see:Submit and view feedback for