Rediger

Del via


Get-AzureADMSRoleAssignment

This article provides migration details from Get-AzureADMSRoleAssignment command to Microsoft Graph PowerShell.

Summary

Permissions

For the directory (Microsoft Entra ID) provider

Permission type Permissions (from least to most privileged)
Delegated (work or school account) RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All
Delegated (personal Microsoft account) Not supported.
Application RoleManagement.Read.Directory, Directory.Read.All, RoleManagement.ReadWrite.Directory, Directory.ReadWrite.All

For the entitlement management provider

Permission type Permissions (from least to most privileged)
Delegated (work or school account) EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All
Delegated (personal Microsoft account) Not supported.
Application EntitlementManagement.Read.All, EntitlementManagement.ReadWrite.All

Property Mapping

Azure AD Name Microsoft Graph Name
All All
Filter Filter
Id UnifiedRoleAssignmentId
SearchString
Top Top