Microsoft.Graph.Identity.DirectoryManagement
Microsoft Graph PowerShell Cmdlets
Microsoft.Graph.Identity.DirectoryManagement
| Complete-MgDirectoryImpactedResource |
Invoke action complete |
| Complete-MgDirectoryRecommendation |
Invoke action complete |
| Confirm-MgAdministrativeUnitMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgAdministrativeUnitMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgContactMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgContactMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgContractMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgContractMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDeviceMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDeviceMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDirectoryAdministrativeUnitMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDirectoryAdministrativeUnitMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDirectoryDeletedItemMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDirectoryDeletedItemMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDirectoryRoleMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDirectoryRoleMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDirectoryRoleTemplateMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDirectoryRoleTemplateMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDirectorySettingTemplateMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgDirectorySettingTemplateMemberObject |
Invoke action checkMemberObjects |
| Confirm-MgDomain |
Invoke action verify |
| Confirm-MgOrganizationMemberGroup |
Invoke action checkMemberGroups |
| Confirm-MgOrganizationMemberObject |
Invoke action checkMemberObjects |
| Export-MgDirectoryInboundSharedUserProfilePersonalData |
Invoke action exportPersonalData |
| Get-MgAdministrativeUnit |
Retrieve the properties and relationships of an administrativeUnit object.
Since the administrativeUnit resource supports extensions, you can also use the |
| Get-MgAdministrativeUnitById |
Invoke action getByIds |
| Get-MgAdministrativeUnitDelta |
Invoke function delta |
| Get-MgAdministrativeUnitExtension |
The collection of open extensions defined for this administrative unit. Nullable. |
| Get-MgAdministrativeUnitMember |
Users and groups that are members of this administrative unit. Supports $expand. |
| Get-MgAdministrativeUnitMemberAsApplication |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.application |
| Get-MgAdministrativeUnitMemberAsDevice |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.device |
| Get-MgAdministrativeUnitMemberAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgAdministrativeUnitMemberAsOrgContact |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact |
| Get-MgAdministrativeUnitMemberAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal |
| Get-MgAdministrativeUnitMemberAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgAdministrativeUnitMemberByRef |
Users and groups that are members of this administrative unit. Supports $expand. |
| Get-MgAdministrativeUnitMemberGroup |
Invoke action getMemberGroups |
| Get-MgAdministrativeUnitMemberObject |
Invoke action getMemberObjects |
| Get-MgAdministrativeUnitScopedRoleMember |
Scoped-role members of this administrative unit. |
| Get-MgAdministrativeUnitUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgContact |
Get the properties and relationships of an organizational contact object. |
| Get-MgContactById |
Invoke action getByIds |
| Get-MgContactDelta |
Invoke function delta |
| Get-MgContactDirectReport |
The contact's direct reports. (The users and contacts that have their manager property set to this contact.) Read-only. Nullable. Supports $expand. |
| Get-MgContactDirectReportAsOrgContact |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact |
| Get-MgContactDirectReportAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgContactManager |
The user or contact that is this contact's manager. Read-only. Supports $expand and $filter (eq) by id. |
| Get-MgContactMemberGroup |
Invoke action getMemberGroups |
| Get-MgContactMemberObject |
Invoke action getMemberObjects |
| Get-MgContactMemberOf |
Groups that this contact is a member of. Read-only. Nullable. Supports $expand. |
| Get-MgContactMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit |
| Get-MgContactMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgContactMemberOfByRef |
Invoke action getMemberObjects |
| Get-MgContactTransitiveMemberOf |
Get transitiveMemberOf from contacts |
| Get-MgContactTransitiveMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit |
| Get-MgContactTransitiveMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgContactTransitiveMemberOfByRef |
Invoke action getMemberObjects |
| Get-MgContactTransitiveReport |
The transitive reports for a contact. Read-only. |
| Get-MgContactUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgContract |
Retrieve the properties and relationships of contract object. |
| Get-MgContractById |
Invoke action getByIds |
| Get-MgContractDelta |
Invoke function delta |
| Get-MgContractMemberGroup |
Invoke action getMemberGroups |
| Get-MgContractMemberObject |
Invoke action getMemberObjects |
| Get-MgContractUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDevice |
Get the properties and relationships of a device object.
Since the device resource supports extensions, you can also use the |
| Get-MgDeviceById |
Invoke action getByIds |
| Get-MgDeviceCommand |
Set of commands sent to this device. |
| Get-MgDeviceCommandResponsepayload |
Get responsepayload from devices |
| Get-MgDeviceDelta |
Invoke function delta |
| Get-MgDeviceExtension |
The collection of open extensions defined for the device. Read-only. Nullable. |
| Get-MgDeviceMemberGroup |
Invoke action getMemberGroups |
| Get-MgDeviceMemberObject |
Invoke action getMemberObjects |
| Get-MgDeviceMemberOf |
Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand. |
| Get-MgDeviceMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit |
| Get-MgDeviceMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgDeviceMemberOfByRef |
Invoke action getMemberObjects |
| Get-MgDeviceRegisteredOwner |
The user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Read-only. Nullable. Supports $expand. |
| Get-MgDeviceRegisteredOwnerAsEndpoint |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint |
| Get-MgDeviceRegisteredOwnerAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal |
| Get-MgDeviceRegisteredOwnerAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgDeviceRegisteredOwnerByRef |
The user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Read-only. Nullable. Supports $expand. |
| Get-MgDeviceRegisteredUser |
Collection of registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports $expand. |
| Get-MgDeviceRegisteredUserAsEndpoint |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint |
| Get-MgDeviceRegisteredUserAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal |
| Get-MgDeviceRegisteredUserAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgDeviceRegisteredUserByRef |
Collection of registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration. Read-only. Nullable. Supports $expand. |
| Get-MgDeviceTransitiveMemberOf |
Groups and administrative units that this device is a member of. This operation is transitive. Supports $expand. |
| Get-MgDeviceTransitiveMemberOfAsAdministrativeUnit |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit |
| Get-MgDeviceTransitiveMemberOfAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgDeviceUsageRights |
Represents the usage rights a device has been granted. |
| Get-MgDeviceUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectory |
Get directory |
| Get-MgDirectoryAdministrativeUnit |
Conceptual container for user and group directory objects. |
| Get-MgDirectoryAdministrativeUnitById |
Invoke action getByIds |
| Get-MgDirectoryAdministrativeUnitDelta |
Invoke function delta |
| Get-MgDirectoryAdministrativeUnitExtension |
The collection of open extensions defined for this administrative unit. Nullable. |
| Get-MgDirectoryAdministrativeUnitMember |
Users and groups that are members of this administrative unit. Supports $expand. |
| Get-MgDirectoryAdministrativeUnitMemberAsApplication |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.application |
| Get-MgDirectoryAdministrativeUnitMemberAsDevice |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.device |
| Get-MgDirectoryAdministrativeUnitMemberAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgDirectoryAdministrativeUnitMemberAsOrgContact |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact |
| Get-MgDirectoryAdministrativeUnitMemberAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal |
| Get-MgDirectoryAdministrativeUnitMemberAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgDirectoryAdministrativeUnitMemberByRef |
Users and groups that are members of this administrative unit. Supports $expand. |
| Get-MgDirectoryAdministrativeUnitMemberGroup |
Invoke action getMemberGroups |
| Get-MgDirectoryAdministrativeUnitMemberObject |
Invoke action getMemberObjects |
| Get-MgDirectoryAdministrativeUnitScopedRoleMember |
Scoped-role members of this administrative unit. |
| Get-MgDirectoryAdministrativeUnitUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectoryAttributeSet |
Group of related custom security attribute definitions. |
| Get-MgDirectoryCustomSecurityAttributeDefinition |
Schema of a custom security attributes (key-value pairs). |
| Get-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue |
Values that are predefined for this custom security attribute.This navigation property is not returned by default and must be specified in an $expand query. For example, /directory/customSecurityAttributeDefinitions?$expand=allowedValues. |
| Get-MgDirectoryDeletedItem |
Get deletedItems from directory |
| Get-MgDirectoryDeletedItemAsApplication |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.application |
| Get-MgDirectoryDeletedItemAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgDirectoryDeletedItemAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgDirectoryDeletedItemById |
Invoke action getByIds |
| Get-MgDirectoryDeletedItemDelta |
Invoke function delta |
| Get-MgDirectoryDeletedItemMemberGroup |
Invoke action getMemberGroups |
| Get-MgDirectoryDeletedItemMemberObject |
Invoke action getMemberObjects |
| Get-MgDirectoryDeletedItemUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectoryFeatureRolloutPolicy |
Get featureRolloutPolicies from directory |
| Get-MgDirectoryFeatureRolloutPolicyApplyTo |
Nullable. Specifies a list of directoryObjects that feature is enabled for. |
| Get-MgDirectoryFeatureRolloutPolicyApplyToById |
Invoke action getByIds |
| Get-MgDirectoryFeatureRolloutPolicyApplyToByRef |
Nullable. Specifies a list of directoryObjects that feature is enabled for. |
| Get-MgDirectoryFeatureRolloutPolicyApplyToDelta |
Invoke function delta |
| Get-MgDirectoryFeatureRolloutPolicyApplyToUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectoryFederationConfiguration |
Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol. |
| Get-MgDirectoryImpactedResource |
Get impactedResources from directory |
| Get-MgDirectoryInboundSharedUserProfile |
A collection of external Azure AD users whose profile data has been shared with the Azure AD tenant. Nullable. |
| Get-MgDirectoryOnPremisSynchronization |
A container for on-premises directory synchronization functionalities that are available for the organization. |
| Get-MgDirectoryOutboundSharedUserProfile |
Get outboundSharedUserProfiles from directory |
| Get-MgDirectoryOutboundSharedUserProfileTenant |
The collection of external Azure AD tenants that the user has shared profile data with. Read-only. |
| Get-MgDirectoryRecommendation |
List of recommended improvements to improve tenant posture. |
| Get-MgDirectoryRole |
Retrieve the properties of a directoryRole object. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Azure portal. For details, see Role template IDs. |
| Get-MgDirectoryRoleById |
Invoke action getByIds |
| Get-MgDirectoryRoleDelta |
Invoke function delta |
| Get-MgDirectoryRoleMember |
Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. |
| Get-MgDirectoryRoleMemberAsApplication |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.application |
| Get-MgDirectoryRoleMemberAsDevice |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.device |
| Get-MgDirectoryRoleMemberAsGroup |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.group |
| Get-MgDirectoryRoleMemberAsOrgContact |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact |
| Get-MgDirectoryRoleMemberAsServicePrincipal |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal |
| Get-MgDirectoryRoleMemberAsUser |
Get the item of type microsoft.graph.directoryObject as microsoft.graph.user |
| Get-MgDirectoryRoleMemberByRef |
Users that are members of this directory role. HTTP Methods: GET, POST, DELETE. Read-only. Nullable. Supports $expand. |
| Get-MgDirectoryRoleMemberGroup |
Invoke action getMemberGroups |
| Get-MgDirectoryRoleMemberObject |
Invoke action getMemberObjects |
| Get-MgDirectoryRoleScopedMember |
Members of this directory role that are scoped to administrative units. Read-only. Nullable. |
| Get-MgDirectoryRoleTemplate |
Retrieve the properties and relationships of a directoryroletemplate object. |
| Get-MgDirectoryRoleTemplateById |
Invoke action getByIds |
| Get-MgDirectoryRoleTemplateDelta |
Invoke function delta |
| Get-MgDirectoryRoleTemplateMemberGroup |
Invoke action getMemberGroups |
| Get-MgDirectoryRoleTemplateMemberObject |
Invoke action getMemberObjects |
| Get-MgDirectoryRoleTemplateUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectoryRoleUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectorySetting |
Retrieve the properties of a specific directory setting object. |
| Get-MgDirectorySettingTemplate |
A directory setting template represents a template of settings from which settings may be created within a tenant. This operation allows retrieval of the properties of the directorySettingTemplate object, including the available settings and their defaults. |
| Get-MgDirectorySettingTemplateById |
Invoke action getByIds |
| Get-MgDirectorySettingTemplateDelta |
Invoke function delta |
| Get-MgDirectorySettingTemplateMemberGroup |
Invoke action getMemberGroups |
| Get-MgDirectorySettingTemplateMemberObject |
Invoke action getMemberObjects |
| Get-MgDirectorySettingTemplateUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgDirectorySharedEmailDomain |
Get sharedEmailDomains from directory |
| Get-MgDomain |
Retrieve the properties and relationships of domain object. |
| Get-MgDomainFederationConfiguration |
Domain settings configured by customer when federated with Azure AD. Supports $expand. |
| Get-MgDomainNameReference |
The objects such as users and groups that reference the domain ID. Read-only, Nullable. Supports $expand and $filter by the OData type of objects returned. For example /domains/{domainId}/domainNameReferences/microsoft.graph.user and /domains/{domainId}/domainNameReferences/microsoft.graph.group. |
| Get-MgDomainServiceConfigurationRecord |
DNS records the customer adds to the DNS zone file of the domain before the domain can be used by Microsoft Online services. Read-only, Nullable. Supports $expand. |
| Get-MgDomainSharedEmailDomainInvitation |
Get sharedEmailDomainInvitations from domains |
| Get-MgDomainVerificationDnsRecord |
DNS records that the customer adds to the DNS zone file of the domain before the customer can complete domain ownership verification with Azure AD. Read-only, Nullable. Supports $expand. |
| Get-MgOrganization |
Get the properties and relationships of the currently authenticated organization.
Since the organization resource supports extensions, you can also use the |
| Get-MgOrganizationBranding |
Resource to manage the default branding for the organization. Nullable. |
| Get-MgOrganizationBrandingBackgroundImage |
Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. |
| Get-MgOrganizationBrandingBannerLogo |
A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingCustomCss |
CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB. |
| Get-MgOrganizationBrandingFavicon |
A custom icon (favicon) to replace a default Microsoft product favicon on an Azure AD tenant. |
| Get-MgOrganizationBrandingHeaderLogo |
A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingLocalization |
Add different branding based on a locale. |
| Get-MgOrganizationBrandingLocalizationBackgroundImage |
Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. |
| Get-MgOrganizationBrandingLocalizationBannerLogo |
A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingLocalizationCustomCss |
CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB. |
| Get-MgOrganizationBrandingLocalizationFavicon |
A custom icon (favicon) to replace a default Microsoft product favicon on an Azure AD tenant. |
| Get-MgOrganizationBrandingLocalizationHeaderLogo |
A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingLocalizationSquareLogo |
A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingLocalizationSquareLogoDark |
A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingSquareLogo |
A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationBrandingSquareLogoDark |
A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Get-MgOrganizationById |
Invoke action getByIds |
| Get-MgOrganizationExtension |
The collection of open extensions defined for the organization resource. Nullable. |
| Get-MgOrganizationMemberGroup |
Invoke action getMemberGroups |
| Get-MgOrganizationMemberObject |
Invoke action getMemberObjects |
| Get-MgOrganizationSetting |
Retrieve the properties and relationships of organizationSettings object. Nullable. |
| Get-MgOrganizationSettingContactInsight |
Contains the properties that are configured by an administrator as a tenant-level privacy control whether to identify duplicate contacts among a user's contacts list and suggest the user to merge those contacts to have a cleaner contacts list. List contactInsights returns the settings to display or return contact insights in an organization. |
| Get-MgOrganizationSettingItemInsight |
Contains the properties that are configured by an administrator for the visibility of Microsoft Graph-derived insights, between a user and other items in Microsoft 365, such as documents or sites. List itemInsights returns the settings to display or return item insights in an organization. |
| Get-MgOrganizationSettingMicrosoftApplicationDataAccess |
Get microsoftApplicationDataAccess from organization |
| Get-MgOrganizationSettingPersonInsight |
Contains the properties that are configured by an administrator for the visibility of a list of people relevant and working with a user in Microsoft 365. List peopleInsights returns the settings to display or return people insights in an organization. |
| Get-MgOrganizationSettingProfileCardProperty |
Contains a collection of the properties an administrator has defined as visible on the Microsoft 365 profile card. Get organization settings returns the properties configured for profile cards for the organization. |
| Get-MgOrganizationSettingPronoun |
Represents administrator settings that manage the support of pronouns in an organization. |
| Get-MgOrganizationUserOwnedObject |
Invoke action getUserOwnedObjects |
| Get-MgSubscribedSku |
Get a specific commercial subscription that an organization has acquired. |
| Get-MgUserScopedRoleMemberOf |
The scoped-role administrative unit memberships for this user. Read-only. Nullable. |
| Invoke-MgAvailableDirectoryFederationConfigurationProviderType |
Invoke function availableProviderTypes |
| Invoke-MgDismissDirectoryImpactedResource |
Invoke action dismiss |
| Invoke-MgDismissDirectoryRecommendation |
Invoke action dismiss |
| Invoke-MgForceDomainDelete |
Invoke action forceDelete |
| Invoke-MgPostponeDirectoryImpactedResource |
Invoke action postpone |
| Invoke-MgPostponeDirectoryRecommendation |
Invoke action postpone |
| Invoke-MgPromoteDomain |
Invoke action promote |
| Invoke-MgReactivateDirectoryImpactedResource |
Invoke action reactivate |
| Invoke-MgReactivateDirectoryRecommendation |
Invoke action reactivate |
| Invoke-MgRetryContactServiceProvisioning |
Invoke action retryServiceProvisioning |
| New-MgAdministrativeUnit |
Use this API to create a new administrativeUnit. |
| New-MgAdministrativeUnitExtension |
Create new navigation property to extensions for administrativeUnits |
| New-MgAdministrativeUnitMemberByRef |
Create new navigation property ref to members for administrativeUnits |
| New-MgAdministrativeUnitScopedRoleMember |
Create new navigation property to scopedRoleMembers for administrativeUnits |
| New-MgContact |
Add new entity to contacts |
| New-MgContract |
Add new entity to contracts |
| New-MgDevice |
Create a new device. |
| New-MgDeviceCommand |
Create new navigation property to commands for devices |
| New-MgDeviceExtension |
Create new navigation property to extensions for devices |
| New-MgDeviceMemberOfByRef |
The collection of open extensions defined for the device. Read-only. Nullable. |
| New-MgDeviceRegisteredOwnerByRef |
Create new navigation property ref to registeredOwners for devices |
| New-MgDeviceRegisteredUserByRef |
Create new navigation property ref to registeredUsers for devices |
| New-MgDeviceUsageRights |
Create new navigation property to usageRights for devices |
| New-MgDirectoryAdministrativeUnit |
Create new navigation property to administrativeUnits for directory |
| New-MgDirectoryAdministrativeUnitExtension |
Create new navigation property to extensions for directory |
| New-MgDirectoryAdministrativeUnitMemberByRef |
Create new navigation property ref to members for directory |
| New-MgDirectoryAdministrativeUnitScopedRoleMember |
Create new navigation property to scopedRoleMembers for directory |
| New-MgDirectoryAttributeSet |
Create new navigation property to attributeSets for directory |
| New-MgDirectoryCustomSecurityAttributeDefinition |
Create new navigation property to customSecurityAttributeDefinitions for directory |
| New-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue |
Create new navigation property to allowedValues for directory |
| New-MgDirectoryDeletedItem |
Create new navigation property to deletedItems for directory |
| New-MgDirectoryFeatureRolloutPolicy |
Create new navigation property to featureRolloutPolicies for directory |
| New-MgDirectoryFeatureRolloutPolicyApplyTo |
Create new navigation property to appliesTo for directory |
| New-MgDirectoryFeatureRolloutPolicyApplyToByRef |
Create new navigation property ref to appliesTo for directory |
| New-MgDirectoryFederationConfiguration |
Create new navigation property to federationConfigurations for directory |
| New-MgDirectoryImpactedResource |
Create new navigation property to impactedResources for directory |
| New-MgDirectoryInboundSharedUserProfile |
Create new navigation property to inboundSharedUserProfiles for directory |
| New-MgDirectoryOnPremisSynchronization |
Create new navigation property to onPremisesSynchronization for directory |
| New-MgDirectoryOutboundSharedUserProfile |
Create new navigation property to outboundSharedUserProfiles for directory |
| New-MgDirectoryOutboundSharedUserProfileTenant |
Create new navigation property to tenants for directory |
| New-MgDirectoryRecommendation |
Create new navigation property to recommendations for directory |
| New-MgDirectoryRole |
Activate a directory role. To read a directory role or update its members, it must first be activated in the tenant. The Company Administrators and the implicit user directory roles (User, Guest User, and Restricted Guest User roles) are activated by default. To access and assign members to other directory roles, you must first activate it with its corresponding directory role template ID. |
| New-MgDirectoryRoleMemberByRef |
Create new navigation property ref to members for directoryRoles |
| New-MgDirectoryRoleScopedMember |
Create new navigation property to scopedMembers for directoryRoles |
| New-MgDirectoryRoleTemplate |
Add new entity to directoryRoleTemplates |
| New-MgDirectorySetting |
Create a new setting based on the templates available in directorySettingTemplates.
These settings can be at the tenant-level or at the group level.
Group settings apply to only Microsoft 365 groups.
The template named |
| New-MgDirectorySettingTemplate |
Add new entity to directorySettingTemplates |
| New-MgDirectorySharedEmailDomain |
Create new navigation property to sharedEmailDomains for directory |
| New-MgDomain |
Adds a domain to the tenant. Important: You cannot use an associated domain with your Azure AD tenant until ownership is verified. See List verificationDnsRecords for details. Root domains require verification. For example, contoso.com requires verification. If a root domain is verified, subdomains of the root domain are automatically verified. For example, subdomain.contoso.com is automatically be verified if contoso.com has been verified. |
| New-MgDomainFederationConfiguration |
Create new navigation property to federationConfiguration for domains |
| New-MgDomainServiceConfigurationRecord |
Create new navigation property to serviceConfigurationRecords for domains |
| New-MgDomainSharedEmailDomainInvitation |
Create new navigation property to sharedEmailDomainInvitations for domains |
| New-MgDomainVerificationDnsRecord |
Create new navigation property to verificationDnsRecords for domains |
| New-MgOrganization |
Add new entity to organization |
| New-MgOrganizationBrandingLocalization |
Create new navigation property to localizations for organization |
| New-MgOrganizationExtension |
Create new navigation property to extensions for organization |
| New-MgOrganizationSettingProfileCardProperty |
Create new navigation property to profileCardProperties for organization |
| New-MgSubscribedSku |
Add new entity to subscribedSkus |
| New-MgUserScopedRoleMemberOf |
Create new navigation property to scopedRoleMemberOf for users |
| Remove-MgAdministrativeUnit |
Delete an administrativeUnit. |
| Remove-MgAdministrativeUnitExtension |
Delete navigation property extensions for administrativeUnits |
| Remove-MgAdministrativeUnitMemberByRef |
Delete ref of navigation property members for administrativeUnits |
| Remove-MgAdministrativeUnitScopedRoleMember |
Delete navigation property scopedRoleMembers for administrativeUnits |
| Remove-MgContact |
Delete entity from contacts |
| Remove-MgContract |
Delete entity from contracts |
| Remove-MgDevice |
Delete a registered device. |
| Remove-MgDeviceCommand |
Delete navigation property commands for devices |
| Remove-MgDeviceExtension |
Delete navigation property extensions for devices |
| Remove-MgDeviceRegisteredOwnerByRef |
Delete ref of navigation property registeredOwners for devices |
| Remove-MgDeviceRegisteredUserByRef |
Delete ref of navigation property registeredUsers for devices |
| Remove-MgDeviceUsageRights |
Delete navigation property usageRights for devices |
| Remove-MgDirectoryAdministrativeUnit |
Delete navigation property administrativeUnits for directory |
| Remove-MgDirectoryAdministrativeUnitExtension |
Delete navigation property extensions for directory |
| Remove-MgDirectoryAdministrativeUnitMemberByRef |
Delete ref of navigation property members for directory |
| Remove-MgDirectoryAdministrativeUnitScopedRoleMember |
Delete navigation property scopedRoleMembers for directory |
| Remove-MgDirectoryAttributeSet |
Delete navigation property attributeSets for directory |
| Remove-MgDirectoryCustomSecurityAttributeDefinition |
Delete navigation property customSecurityAttributeDefinitions for directory |
| Remove-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue |
Delete navigation property allowedValues for directory |
| Remove-MgDirectoryDeletedItem |
Delete navigation property deletedItems for directory |
| Remove-MgDirectoryFeatureRolloutPolicy |
Delete navigation property featureRolloutPolicies for directory |
| Remove-MgDirectoryFeatureRolloutPolicyApplyToByRef |
Delete ref of navigation property appliesTo for directory |
| Remove-MgDirectoryFederationConfiguration |
Delete navigation property federationConfigurations for directory |
| Remove-MgDirectoryImpactedResource |
Delete navigation property impactedResources for directory |
| Remove-MgDirectoryInboundSharedUserProfile |
Delete navigation property inboundSharedUserProfiles for directory |
| Remove-MgDirectoryInboundSharedUserProfilePersonalData |
Invoke action removePersonalData |
| Remove-MgDirectoryOnPremisSynchronization |
Delete navigation property onPremisesSynchronization for directory |
| Remove-MgDirectoryOutboundSharedUserProfile |
Delete navigation property outboundSharedUserProfiles for directory |
| Remove-MgDirectoryOutboundSharedUserProfileTenant |
Delete navigation property tenants for directory |
| Remove-MgDirectoryOutboundSharedUserProfileTenantPersonalData |
Invoke action removePersonalData |
| Remove-MgDirectoryRecommendation |
Delete navigation property recommendations for directory |
| Remove-MgDirectoryRole |
Delete entity from directoryRoles |
| Remove-MgDirectoryRoleMemberByRef |
Delete ref of navigation property members for directoryRoles |
| Remove-MgDirectoryRoleScopedMember |
Delete navigation property scopedMembers for directoryRoles |
| Remove-MgDirectoryRoleTemplate |
Delete entity from directoryRoleTemplates |
| Remove-MgDirectorySetting |
Delete a directory setting. |
| Remove-MgDirectorySettingTemplate |
Delete entity from directorySettingTemplates |
| Remove-MgDirectorySharedEmailDomain |
Delete navigation property sharedEmailDomains for directory |
| Remove-MgDomain |
Deletes a domain from a tenant. |
| Remove-MgDomainFederationConfiguration |
Delete navigation property federationConfiguration for domains |
| Remove-MgDomainServiceConfigurationRecord |
Delete navigation property serviceConfigurationRecords for domains |
| Remove-MgDomainSharedEmailDomainInvitation |
Delete navigation property sharedEmailDomainInvitations for domains |
| Remove-MgDomainVerificationDnsRecord |
Delete navigation property verificationDnsRecords for domains |
| Remove-MgOrganization |
Delete entity from organization |
| Remove-MgOrganizationBranding |
Delete navigation property branding for organization |
| Remove-MgOrganizationBrandingLocalization |
Delete navigation property localizations for organization |
| Remove-MgOrganizationExtension |
Delete navigation property extensions for organization |
| Remove-MgOrganizationSetting |
Delete navigation property settings for organization |
| Remove-MgOrganizationSettingContactInsight |
Delete navigation property contactInsights for organization |
| Remove-MgOrganizationSettingItemInsight |
Delete navigation property itemInsights for organization |
| Remove-MgOrganizationSettingMicrosoftApplicationDataAccess |
Delete navigation property microsoftApplicationDataAccess for organization |
| Remove-MgOrganizationSettingPersonInsight |
Delete navigation property peopleInsights for organization |
| Remove-MgOrganizationSettingProfileCardProperty |
Delete navigation property profileCardProperties for organization |
| Remove-MgOrganizationSettingPronoun |
Delete navigation property pronouns for organization |
| Remove-MgSubscribedSku |
Delete entity from subscribedSkus |
| Remove-MgUserScopedRoleMemberOf |
Delete navigation property scopedRoleMemberOf for users |
| Restore-MgDirectoryDeletedItem |
Invoke action restore |
| Set-MgOrganizationBrandingBackgroundImage |
Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. |
| Set-MgOrganizationBrandingBannerLogo |
A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingCustomCss |
CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB. |
| Set-MgOrganizationBrandingFavicon |
A custom icon (favicon) to replace a default Microsoft product favicon on an Azure AD tenant. |
| Set-MgOrganizationBrandingHeaderLogo |
A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingLocalizationBackgroundImage |
Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image will reduce bandwidth requirements and make the page load faster. |
| Set-MgOrganizationBrandingLocalizationBannerLogo |
A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingLocalizationCustomCss |
CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB. |
| Set-MgOrganizationBrandingLocalizationFavicon |
A custom icon (favicon) to replace a default Microsoft product favicon on an Azure AD tenant. |
| Set-MgOrganizationBrandingLocalizationHeaderLogo |
A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingLocalizationSquareLogo |
A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingLocalizationSquareLogoDark |
A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingSquareLogo |
A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationBrandingSquareLogoDark |
A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo. |
| Set-MgOrganizationMobileDeviceManagementAuthority |
Set mobile device management authority |
| Test-MgAdministrativeUnitProperty |
Invoke action validateProperties |
| Test-MgContactProperty |
Invoke action validateProperties |
| Test-MgContractProperty |
Invoke action validateProperties |
| Test-MgDeviceProperty |
Invoke action validateProperties |
| Test-MgDirectoryAdministrativeUnitProperty |
Invoke action validateProperties |
| Test-MgDirectoryDeletedItemProperty |
Invoke action validateProperties |
| Test-MgDirectoryFeatureRolloutPolicyApplyToProperty |
Invoke action validateProperties |
| Test-MgDirectoryRoleProperty |
Invoke action validateProperties |
| Test-MgDirectoryRoleTemplateProperty |
Invoke action validateProperties |
| Test-MgDirectorySettingTemplateProperty |
Invoke action validateProperties |
| Test-MgOrganizationProperty |
Invoke action validateProperties |
| Update-MgAdministrativeUnit |
Update the properties of an administrativeUnit object. |
| Update-MgAdministrativeUnitExtension |
Update the navigation property extensions in administrativeUnits |
| Update-MgAdministrativeUnitScopedRoleMember |
Update the navigation property scopedRoleMembers in administrativeUnits |
| Update-MgContact |
Update entity in contacts |
| Update-MgContract |
Update entity in contracts |
| Update-MgDevice |
Update the properties of a device. Only certain properties of a device can be updated through approved Mobile Device Management (MDM) apps. |
| Update-MgDeviceCommand |
Update the navigation property commands in devices |
| Update-MgDeviceExtension |
Update the navigation property extensions in devices |
| Update-MgDeviceUsageRights |
Update the navigation property usageRights in devices |
| Update-MgDirectory |
Update directory |
| Update-MgDirectoryAdministrativeUnit |
Update the navigation property administrativeUnits in directory |
| Update-MgDirectoryAdministrativeUnitExtension |
Update the navigation property extensions in directory |
| Update-MgDirectoryAdministrativeUnitScopedRoleMember |
Update the navigation property scopedRoleMembers in directory |
| Update-MgDirectoryAttributeSet |
Update the navigation property attributeSets in directory |
| Update-MgDirectoryCustomSecurityAttributeDefinition |
Update the navigation property customSecurityAttributeDefinitions in directory |
| Update-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue |
Update the navigation property allowedValues in directory |
| Update-MgDirectoryDeletedItem |
Update the navigation property deletedItems in directory |
| Update-MgDirectoryFeatureRolloutPolicy |
Update the navigation property featureRolloutPolicies in directory |
| Update-MgDirectoryFederationConfiguration |
Update the navigation property federationConfigurations in directory |
| Update-MgDirectoryImpactedResource |
Update the navigation property impactedResources in directory |
| Update-MgDirectoryInboundSharedUserProfile |
Update the navigation property inboundSharedUserProfiles in directory |
| Update-MgDirectoryOnPremisSynchronization |
Update the navigation property onPremisesSynchronization in directory |
| Update-MgDirectoryOutboundSharedUserProfile |
Update the navigation property outboundSharedUserProfiles in directory |
| Update-MgDirectoryOutboundSharedUserProfileTenant |
Update the navigation property tenants in directory |
| Update-MgDirectoryRecommendation |
Update the navigation property recommendations in directory |
| Update-MgDirectoryRole |
Update entity in directoryRoles |
| Update-MgDirectoryRoleScopedMember |
Update the navigation property scopedMembers in directoryRoles |
| Update-MgDirectoryRoleTemplate |
Update entity in directoryRoleTemplates |
| Update-MgDirectorySetting |
Update the properties of a specific directory setting object. |
| Update-MgDirectorySettingTemplate |
Update entity in directorySettingTemplates |
| Update-MgDirectorySharedEmailDomain |
Update the navigation property sharedEmailDomains in directory |
| Update-MgDomain |
Update the properties of domain object. |
| Update-MgDomainFederationConfiguration |
Update the navigation property federationConfiguration in domains |
| Update-MgDomainServiceConfigurationRecord |
Update the navigation property serviceConfigurationRecords in domains |
| Update-MgDomainSharedEmailDomainInvitation |
Update the navigation property sharedEmailDomainInvitations in domains |
| Update-MgDomainVerificationDnsRecord |
Update the navigation property verificationDnsRecords in domains |
| Update-MgOrganization |
Update the properties of the currently authenticated organization.
In this case, |
| Update-MgOrganizationBranding |
Update the navigation property branding in organization |
| Update-MgOrganizationBrandingLocalization |
Update the navigation property localizations in organization |
| Update-MgOrganizationExtension |
Update the navigation property extensions in organization |
| Update-MgOrganizationSetting |
Update the navigation property settings in organization |
| Update-MgOrganizationSettingContactInsight |
Update the navigation property contactInsights in organization |
| Update-MgOrganizationSettingItemInsight |
Update the navigation property itemInsights in organization |
| Update-MgOrganizationSettingMicrosoftApplicationDataAccess |
Update the navigation property microsoftApplicationDataAccess in organization |
| Update-MgOrganizationSettingPersonInsight |
Update the navigation property peopleInsights in organization |
| Update-MgOrganizationSettingProfileCardProperty |
Update the navigation property profileCardProperties in organization |
| Update-MgOrganizationSettingPronoun |
Update the navigation property pronouns in organization |
| Update-MgSubscribedSku |
Update entity in subscribedSkus |
| Update-MgUserScopedRoleMemberOf |
Update the navigation property scopedRoleMemberOf in users |