Forum Discussion
Entra PIM Role Activation
# Ensure necessary modules are installed
$modules = @("DCToolbox", "Microsoft.Entra")
foreach ($module in $modules) {
if (-not (Get-Module -ListAvailable -Name $module)) {
Install-Modul...
Hi cvaxel​
Just use the Microsoft.Graph PowerShell Modules
Source:
https://learn.microsoft.com/en-us/answers/questions/1879083/programmatically-activate-my-entra-id-assigned-rol
Kind Regards
Andres
Connect-MgGraph -Scopes "RoleAssignmentSchedule.ReadWrite.Directory" -NoWelcome
$context = Get-MgContext
$currentUser = (Get-MgUser -UserId $context.Account).Id
# Get all available roles
$myRoles = Get-MgRoleManagementDirectoryRoleEligibilitySchedule -ExpandProperty RoleDefinition -All -Filter "principalId eq '$currentuser'"
# Get Global Reader
$myRole = $myroles | Where-Object {$_.RoleDefinition.DisplayName -eq "Global Reader"}
# Setup parameters for activation
$params = @{
Action = "selfActivate"
PrincipalId = $myRole.PrincipalId
RoleDefinitionId = $myRole.RoleDefinitionId
DirectoryScopeId = $myRole.DirectoryScopeId
Justification = "Needed for work"
ScheduleInfo = @{
StartDateTime = Get-Date
Expiration = @{
Type = "AfterDuration"
Duration = "PT8H"
}
}
}
# Activate the role
New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $params