Microsoft.Graph.DirectoryObjects

Microsoft Graph PowerShell Cmdlets

Microsoft.Graph.DirectoryObjects

Confirm-MgDirectoryObjectMemberGroup

Check for membership in a specified list of group IDs, and return from that list those groups (identified by IDs) of which the specified user, group, service principal, organizational contact, device, or directory object is a member. This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryObjectMemberGroup

Confirm-MgDirectoryObjectMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryObjectMemberObject

Get-MgDirectoryObject

Retrieve the properties and relationships of a directoryObject object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObject

Get-MgDirectoryObjectAvailableExtensionProperty

Return all directory extension definitions that have been registered in a directory, including through multi-tenant apps. The following entities support extension properties:

Get-MgDirectoryObjectById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObjectById

Get-MgDirectoryObjectCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObjectCount

Get-MgDirectoryObjectDelta

Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information about the delta function, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObjectDelta

Get-MgDirectoryObjectMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObjectMemberGroup

Get-MgDirectoryObjectMemberObject

Return all IDs for the groups, administrative units, and directory roles that a user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. Note: Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryObjectMemberObject

New-MgDirectoryObject

Add new entity to directoryObjects

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryObject

Remove-MgDirectoryObject

Delete a directory object, for example, a group, user, application, or service principal.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryObject

Test-MgDirectoryObjectProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you are only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaDirectoryObjectProperty

Update-MgDirectoryObject

Update entity in directoryObjects

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryObject