New-MgDirectoryRoleMemberByRef
Create a new directory role member. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.
Note
To view the beta release of this cmdlet, view New-MgBetaDirectoryRoleMemberByRef
Syntax
New-MgDirectoryRoleMemberByRef
-DirectoryRoleId <String>
[-ResponseHeadersVariable <String>]
-OdataId <String>
[-AdditionalProperties <Hashtable>]
[-Headers <IDictionary>]
[-PassThru]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-MgDirectoryRoleMemberByRef
-DirectoryRoleId <String>
-BodyParameter <IReferenceCreate>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-PassThru]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-MgDirectoryRoleMemberByRef
-InputObject <IIdentityDirectoryManagementIdentity>
[-ResponseHeadersVariable <String>]
-OdataId <String>
[-AdditionalProperties <Hashtable>]
[-Headers <IDictionary>]
[-PassThru]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] New-MgDirectoryRoleMemberByRef
-InputObject <IIdentityDirectoryManagementIdentity>
-BodyParameter <IReferenceCreate>
[-ResponseHeadersVariable <String>]
[-Headers <IDictionary>]
[-PassThru]
[-ProgressAction <ActionPreference>]
[-WhatIf]
[-Confirm]
[<CommonParameters>] Description
Create a new directory role member. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.
Permissions
| Permission type | Least privileged permissions | Higher privileged permissions |
|---|---|---|
| Delegated (work or school account) | RoleManagement.ReadWrite.Directory | Not available. |
| Delegated (personal Microsoft account) | Not supported. | Not supported. |
| Application | RoleManagement.ReadWrite.Directory | Not available. |
Examples
Example 1: Add a member to a directory role
$DirObject = @{
"@odata.id" = "https://graph.microsoft.com/v1.0/directoryObjects/3d939dc2-d0a0-4d4d-b3f4-6bb75ce6ff6e"
}
New-MgDirectoryRoleMemberByRef -DirectoryRoleId 'c6bb44c1-73cc-48a1-a73c-b6a977084948' -BodyParameter $DirObjectThe first command sets the value for the directory object variable $DirObject. The second command assigns the defined directory object the directory role defined by the DirectoryRoleId
Parameters
-AdditionalProperties
Additional Parameters
| Type: | Hashtable |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-BodyParameter
. To construct, see NOTES section for BODYPARAMETER properties and create a hash table.
| Type: | IReferenceCreate |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Confirm
Prompts you for confirmation before running the cmdlet.
| Type: | SwitchParameter |
| Aliases: | cf |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-DirectoryRoleId
The unique identifier of directoryRole
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-Headers
Optional headers that will be added to the request.
| Type: | IDictionary |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-InputObject
Identity Parameter To construct, see NOTES section for INPUTOBJECT properties and create a hash table.
| Type: | IIdentityDirectoryManagementIdentity |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-OdataId
The entity reference URL of the resource. For example, https://graph.microsoft.com/v1.0/directoryObjects/{id}.
| Type: | String |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-PassThru
Returns true when the command succeeds
| Type: | SwitchParameter |
| Position: | Named |
| Default value: | False |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ProgressAction
{{ Fill ProgressAction Description }}
| Type: | ActionPreference |
| Aliases: | proga |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-ResponseHeadersVariable
Optional Response Headers Variable.
| Type: | String |
| Aliases: | RHV |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
-WhatIf
Shows what would happen if the cmdlet runs. The cmdlet is not run.
| Type: | SwitchParameter |
| Aliases: | wi |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |
Inputs
Microsoft.Graph.PowerShell.Models.IIdentityDirectoryManagementIdentity
Microsoft.Graph.PowerShell.Models.IReferenceCreate
System.Collections.IDictionary
Outputs
System.Boolean
Notes
COMPLEX PARAMETER PROPERTIES
To create the parameters described below, construct a hash table containing the appropriate properties. For information on hash tables, run Get-Help about_Hash_Tables.
BODYPARAMETER <IReferenceCreate>: .
[(Any) <Object>]: This indicates any property can be added to this object. OdataId<String>: The entity reference URL of the resource. For example, https://graph.microsoft.com/v1.0/directoryObjects/{id}.
INPUTOBJECT <IIdentityDirectoryManagementIdentity>: Identity Parameter
[AdministrativeUnitId <String>]: The unique identifier of administrativeUnit[AllowedValueId <String>]: The unique identifier of allowedValue[AttributeSetId <String>]: The unique identifier of attributeSet[CommerceSubscriptionId <String>]: Alternate key of companySubscription[CompanySubscriptionId <String>]: The unique identifier of companySubscription[ContractId <String>]: The unique identifier of contract[CustomSecurityAttributeDefinitionId <String>]: The unique identifier of customSecurityAttributeDefinition[DeviceId <String>]: The unique identifier of device[DeviceLocalCredentialInfoId <String>]: The unique identifier of deviceLocalCredentialInfo[DirectoryObjectId <String>]: The unique identifier of directoryObject[DirectoryRoleId <String>]: The unique identifier of directoryRole[DirectoryRoleTemplateId <String>]: The unique identifier of directoryRoleTemplate[DomainDnsRecordId <String>]: The unique identifier of domainDnsRecord[DomainId <String>]: The unique identifier of domain[ExtensionId <String>]: The unique identifier of extension[IdentityProviderBaseId <String>]: The unique identifier of identityProviderBase[InternalDomainFederationId <String>]: The unique identifier of internalDomainFederation[OnPremisesDirectorySynchronizationId <String>]: The unique identifier of onPremisesDirectorySynchronization[OrgContactId <String>]: The unique identifier of orgContact[OrganizationId <String>]: The unique identifier of organization[OrganizationalBrandingLocalizationId <String>]: The unique identifier of organizationalBrandingLocalization[ProfileCardPropertyId <String>]: The unique identifier of profileCardProperty[RoleTemplateId <String>]: Alternate key of directoryRole[ScopedRoleMembershipId <String>]: The unique identifier of scopedRoleMembership[SubscribedSkuId <String>]: The unique identifier of subscribedSku[UserId <String>]: The unique identifier of user