Check Microsoft, Security and Compliance, Azure, and Exchange Role Membership

Scenario: You want to quickly gather membership information on all of Microsoft Online, AzureAD, and Exchange Online Roles.

Scriptlets:

Check Microsoft Online for Role Membership

#Connect to Microsoft Online: Connect-MSOLService
$MSrole_user = @()
$MSroles = Get-MsolRole
$MSroles | Sort name | %{
$n = $_.name
“Checking Role: $n”
$MSrole_User += Get-MsolRoleMember -RoleObjectId $_.ObjectId | Select @{Name=”RoleName”;Expression={“$n”}},DisplayName, EmailAddress,RoleMemberType
}
$MSRole_User


Check Azure AD for Role Membership

#Connect to Azure AD: Connect-AzureAD
$AZrole_user = @()
$AZroles = Get-AzureADDirectoryRole
$AZroles | Sort DisplayName | %{
$n = $_.DisplayName
“Checking Role: $n”
$AZrole_User += Get-AzureADDirectoryRoleMember -ObjectId $_.ObjectId | Select @{Name=”RoleName”;Expression={“$n”}},DisplayName,ObjectType,Mail,SecurityEnabled
}
$AZRole_User

Check for Security and Compliance Role Membership

#Connect to IPPS Sessions Online: Connect-IPPSSession
$SCrole_user = @()
$SCroles = Get-RoleGroup
$SCRoles | Sort Name | %{
$n = $_.name
“Checking Role: $n”
$SCRole_User += get-rolegroupmember $N | select @{Name=”RoleName”;Expression={“$N”},name,windowsliveid
}
$SCRole_User

Check Exchange Online Online

#Connect to Exchange Online: Connect-ExchangeOnline
$Exchange_Roles = get-managementroleassignment -geteffectiveusers
$exchange_Roles_Unique = $Exchange_Roles | Select RoleAssigneeName,EffectiveUserName
$Exchange_Roles_Unique = $exchange_Roles_Unique | Select -Unique RoleAssigneeName,EffectiveUserName
$Exchange_Roles_Unique

Advertisement

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Cancel

Connecting to %s

%d bloggers like this: