Problem restoring deleted user with mggraph
Hello, I have done a few 365 migration and almost everytime there are some user data that has been missed in the migration. Earlier I solved this by restoring the 365 user in the source tenant to another domain using this msol script in powershell: Restore-MsolUser -UserPrincipalName email address removed for privacy reasons -Verbose Restore-MsolUser -UserPrincipalName email address removed for privacy reasons -Verbose -AutoReconcileProxyConflicts Restore-MsolUser -UserPrincipalName email address removed for privacy reasons -Verbose -AutoReconcileProxyConflicts -NewUserPrincipalName email address removed for privacy reasons I know it is not perfect but it worked well and saved a bunch of times. I have now done another migration now and got the same issue so I need to restore the users so we can access the data again and move it. BUT! I realized today that msol service is no more, so I am kinda stuck with figuring this out in mggraph. I have tried for a few hours now and I am not sure if this even possible with mggraph. Whenever I try to build a script using Restore-MgDirectoryDeletedUser/Item which google, copilote etc tells me to use I only get this error: The term 'Restore-MgDirectoryDeletedUser/item' is not recognized as the name of a cmdlet, function, script file, or operable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. Or I get that it "works" but that the proxy/domain conflicts: Errors detected while trying to restore the user restoreUserErrors: ErrorValue:<pii><pii>E*****.E*******</pii>@domain.com</pii> ObjectType: ConflictingObjectId:, ErrorType:UserPrincipalName, ErrorId:InvalidDomainErrorValue:<pii>smtp:<pii>ee</pii>@domain.com</pii> ObjectType: ConflictingObjectId:, ErrorType:ProxyAddress, ErrorId:InvalidDomain Status: 400 (BadRequest) ErrorCode: Request_BadRequest Date: 2025-09-08T13:49:36 Since I do not have the first domain in the source tenant anymore I need to restore the user to a different domain. Does anyone have any idea on how I can recreate the msol version to mggraph? I feel like I have tried everything to my knowledge now so hopefully anyone here can give me help or tips. Thanks! /Adam
Entra PIM Role Activation
# Ensure necessary modules are installed $modules = @("DCToolbox", "Microsoft.Entra") foreach ($module in $modules) { if (-not (Get-Module -ListAvailable -Name $module)) { Install-Module -Name $module -Repository PSGallery -Scope CurrentUser -Force -AllowClobber } } # Check if msal.ps package is installed if (-not (Get-Package -Name msal.ps -ErrorAction SilentlyContinue)) { Install-Package msal.ps -Force -Confirm:$false } # Ensure Entra Authentication module is properly imported Remove-Module Microsoft.Entra.Authentication -ErrorAction SilentlyContinue Import-Module Microsoft.Entra.Authentication -Force # Connect to Entra ID with proper authentication Connect-Entra Add-Type -AssemblyName System.Windows.Forms # Create GUI Form $form = New-Object System.Windows.Forms.Form $form.Text = "EntraPIMRole Activation" $form.Size = New-Object System.Drawing.Size(350, 350) # Create Checkboxes $checkboxes = @() $labels = @("Global Administrator", "Teams Administrator", "SharePoint Administrator", "Exchange Administrator", "Billing Administrator") for ($i = 0; $i -lt $labels.Count; $i++) { $checkbox = New-Object System.Windows.Forms.CheckBox $checkbox.Text = $labels[$i] $checkbox.AutoSize = $true $checkbox.Width = 250 $checkbox.Location = New-Object System.Drawing.Point(20, (20 + ($i * 30))) $checkboxes += $checkbox $form.Controls.Add($checkbox) } # Create TextBox $textBox = New-Object System.Windows.Forms.TextBox $textBox.Location = New-Object System.Drawing.Point(20, 180) $textBox.Size = New-Object System.Drawing.Size(300, 20) $form.Controls.Add($textBox) # Create Button $button = New-Object System.Windows.Forms.Button $button.Text = "Run" $button.Location = New-Object System.Drawing.Point(20, 220) $button.Size = New-Object System.Drawing.Size(80, 30) $button.Add_Click({ $selectedOptions = $checkboxes | Where-Object { $_.Checked } | ForEach-Object { $_.Text } $inputText = $textBox.Text # Verify if the required function exists before executing if (Get-Command -Name Enable-DCEntraIDPIMRole -ErrorAction SilentlyContinue) { Enable-DCEntraIDPIMRole -RolesToActivate $selectedOptions -UseMaximumTimeAllowed -Reason $inputText [System.Windows.Forms.MessageBox]::Show("Activated Roles: $($selectedOptions -join ', ')`nReason: $inputText") } else { [System.Windows.Forms.MessageBox]::Show("Error: Enable-DCEntraIDPIMRole function not found. Ensure the correct module is installed.") } }) $form.Controls.Add($button) # Show Form $form.ShowDialog() Im trying to create a script so i can activate PIM with logon to the azure portal. But for some reason i cant get it to work. Can you all please help me out.
Assigning a Manager with PowerShell Graph – Manager Not Found
Hi everyone, We are currently refactoring our PowerShell scripts to align with Microsoft's recommended standards. In our script that creates new users in Azure Active Directory (AAD) via Microsoft Graph, we’re having trouble assigning a manager to a new user. Whether we try using the manager’s object ID or email address, the manager is not found, and the assignment fails. Has anyone encountered this issue before? Is there something we might be doing wrong in how we’re referencing or assigning the manager? Thanks in advance for your help.A little help please with Get-AzADObject
I am trying to write a PowerShell script that will list the users who hold specified Azure roles into a .csv file for security reviews. I'm new to PowerShell and I'm struggling with this for far too long on my own. Here's what I've got: I keep getting the error: Get-AzADObject: The term 'Get-AzADObject' is not recognized as a name of a cmdlet, function, script file, or executable program. Check the spelling of the name, or if a path was included, verify that the path is correct and try again. I've already used: Get-Module AzureAD Install-Module AzureAD Import-Module AzureAD With no errors on any of those. What am I missing, please?
Ad-Hoc Entra MFA using SMS
Error : Get MFA Client Access TokenDone. Send MFA challenge to the user Done. OTP sent to your phone. Please enter the OTP: Enter the OTP sent via SMS: 696632 Invoke-RestMethod: C:\Git_Repo\MFA_Test\MFATestWIthKyle\sms.ps1:54:28 Line | 54 | … ionResult = Invoke-RestMethod -Uri 'https://strongauthenticationservi … | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ | Service BODY { color: #000000; background-color: white; font-family: Verdana; margin-left: 0px; margin-top: 0px; | } #content { margin-left: 30px; font-size: .70em; padding-bottom: 2em; } A:link { color: #336699; font-weight: bold; | text-decoration: underline; } A:visited { color: #6699cc; font-weight: bold; text-decoration: underline; } A:active { color: | #336699; font-weight: bold; text-decoration: underline; } .heading1 { background-color: #003366; border-bottom: #336699 6px | solid; color: #ffffff; font-family: Tahoma; font-size: 26px; font-weight: normal;margin: 0em 0em 10px -20px; padding-bottom: | 8px; padding-left: 30px;padding-top: 16px;} pre { font-size:small; background-color: #e5e5cc; padding: 5px; font-family: | Courier New; margin-top: 0px; border: 1px #f0f0e0 solid; white-space: pre-wrap; white-space: -pre-wrap; word-wrap: break-word; | } table { border-collapse: collapse; border-spacing: 0px; font-family: Verdana;} table th { border-right: 2px white solid; | border-bottom: 2px white solid; font-weight: bold; background-color: #cecf9c;} table td { border-right: 2px white solid; | border-bottom: 2px white solid; background-color: #e5e5cc;} Service Endpoint not found. WARNING: Invalid OTP or validation failed. Below line causing the error $mfaValidationResult = Invoke-RestMethod -Uri 'https://strongauthenticationservice.auth.microsoft.com/StrongAuthenticationService.svc/Connector//ValidatePin' -Method POST -Headers $Headers -Body $XML -ContentType 'application/xml'
Adding External Users in-bulk to: Microsoft Teams & Private Channel(s) within the Team
We have a customer who requires over 350 external users (their customers) to be added / invited into a Team which has been created. "Half" of the users need to be added into "private channel a", and the other "Half" need to be added into "private channel b". We have attempted to add the users via various PowerShell scripts, however none of these scripts that we have been provided with have worked for various reasons. I have been unable to locate any native methods for this within the MS 365 admin centre, therefore believe that the only way to achieve this is by PowerShell scripting. Example of the most recent script we have is as follows, omitting the creation of the private channel(s) as they have already been created - see below: We require assistance with the actual script itself to: Add users into the team from a CSV of their email addresses. Assign the users to the correct private channel. Note - users will be added in 2 batches - 1 per private channel, so we just require scripting that can be modified to achieve this. # Install the Microsoft Teams PowerShell Module Install-Module -Name PowerShellGet -Force -AllowClobber Install-Module -Name MicrosoftTeams -Force -AllowClobber # Connect to Microsoft Teams Connect-MicrosoftTeams # Define the team name and path to the CSV file $teamName = "Your Team Name" $csvPath = "C:\path\to\your\users.csv" # Get the GroupId of the team $team = Get-Team -DisplayName $teamName $groupId = $team.GroupId # Import users from the CSV file $users = Import-Csv $csvPath # Add external users to the team foreach ($user in $users) { Add-TeamUser -GroupId $groupId -User $user.Email } # Define the private channel name $privateChannelName = "Private Channel Name" # Create the private channel New-TeamChannel -GroupId $groupId -DisplayName $privateChannelName -MembershipType Private # Get the ChannelId of the private channel $channel = Get-TeamChannel -GroupId $groupId -DisplayName $privateChannelName $channelId = $channel.Id # Add users to the private channel foreach ($user in $users) { Add-TeamChannelUser -GroupId $groupId -User $user.Email -ChannelId $channelId }
