powershell graph sdk
3 Topics
Calling principal does not have required MSGraph permissions AuditLog.Read.All
I have a Runbook (Automation Accounts) parsing AAD SignIn and Audit logs, however, when it executes Get-AzureADAuditSignInLogs I'm getting the following error: Get-AzureADAuditSignInLogs : Error occurred while executing GetAuditSignInLogs Code: Authentication_MSGraphPermissionMissing Message: Calling principal does not have required MSGraph permissions AuditLog.Read.All The Managed Identity I'm using in Runbook has Security Reader role, but it doesn't seem to be enough?Solved18KViews0likes6Comments
Remove allocated O365 licenses for specified user using PS Script
I am getting error while running below PS commands after successful authentication. $Licenses = Get-MgUserLicenseDetail -UserId $Name Get-MgUserLicenseDetail -UserId $Name | foreach {Set-MgUserLicense -UserId $Name -AddLicenses @() -RemoveLicenses @($Licenses.SkuId)} Note : $Name is provided as argument.766Views0likes2Comments
Find all the AzureADUsers created after a certain date via PowerShell Graph
Hello everyone, As Microsoft will eventually retire the AzureAD and MSOL PowerShell modules (March 2023?), I am trying to update all the PowerShell scripts based on those modules with new ones based on Microsoft Graph API calls and PowerShell Graph SDK. I am struggling with a script which should find all the AzureAD members created after 1 July 2022 inside a specific Security Group. The script should generate a list of these "new starters" and retrieve the following information: DisplayName, UPN, ID, Email, JobTitle. This is what I got so far: [datetime]$Date = (Get-Date).adddays(-60) $Users = Get-MgGroupMember -GroupId xxxxxxxx-xxxx-xxxx-xxxx-xxxxxxxxxxxx -All $Users.Count $UsersCreatedDate = $Users.ForEach{ Get-MgUser -UserId $_.Id | Select-Object -Property Id, UserPrincipalName, JobTitle, CreatedDateTime } Getting all the users takes some time (we have around 400 members in that Security group), I am not sure if there is a quicker way to get those information. Then I tried to filter that list using the "where-object" $UsersCreatedDate | Where-Object {($_.CreatedDateTime -gt '$Date')} but to no avail. I am always getting the error Could not compare "06/20/2017 09:00:00" to "$DateTime". Error: "Cannot convert value "$DateTime" to type "System.DateTime". Error: "String was not recognized as a valid DateTime."" What am I doing wrong? Any help would be much appreciated! Many thanks in advance FrancescoSolved15KViews1like7Comments