Top 10 Microsoft Graph PowerShell Cmdlets for Office 365 Admins

Top 10 Microsoft Graph PowerShell Cmdlets for Office 365 Admins

Lately, Microsoft announced Msol online, and Azure AD modules will be deprecated after December 2022. So, it’s time to switch to the Microsoft Graph module. As of now, there are no tools to convert Msol and Azure AD modules to their Microsoft Graph counterparts. While it’s familiar to generate Microsoft 365 reports, it’s quite new with MS Graph. So, in this blog, we’ll show you the equivalent top 10 Microsoft Graph PowerShell cmdlets that will help you conduct basic Office 365 reporting with the help of the Microsoft Graph PowerShell Module.   

Firstly, you must install and connect to the Microsoft Graph PowerShell. Also, make sure you use the beta version since the default module uses a stable version of the API, which might miss out on some significant features. 

So, to experience the new features, use the beta version using the below cmdlet.  

Select-MgProfile –Name “beta”     

Contents: 

 

Get Microsoft 365 Users Report Using MS Graph: 

Get-MsolUser or Get-AzureADUser cmdlet is used to get the Office 365 user details using PowerShell. In Microsoft Graph, we use Get-MgUser to get the Office 365 user details from Azure Active Directory.    

To get a list of all users with the User Id, Display Name, Email Address, User Principal Name, and User Type, use the below cmdlet. 

Get-MgUser –All

Note: Generally, the Get-MgUser cmdlet displays only the first 100 users by default. So, to get all Azure AD users using Microsoft Graph, use the parameter -All. 

Microsoft Graph PowerShell cmdlet to get office 365 users reports

 

Get Microsoft 365 Users Report with Specific Parameters: 

Get-MgUser provides a list of parameters to search and filter the users based on our requirements. The parameters are, 

  •  Filter – Filter items by property values. 
  • UserId – Provides the specific user based on the user’s Object ID or UPN. 
  • Search – This shows all users who match the search string. 
  • Top- Displays only the first n items. 
  • All – Returns all the items irrespective of numbers. 

To get the list of all enabled Office 365 user accounts with customized properties, use the below cmdlet: 

Get-MgUser -Filter 'accountEnabled eq true' -All | Format-List UserPrincipalName,JobTitle,OfficeLocation

To find the Office 365 Manager of a user, specify the User ID, and run the below cmdlet:

Get-MgUserManager -UserId <User ID> | foreach {$_.AdditionalProperties.displayName}

 

Get Office 365 License Reports Using MS Graph: 

Microsoft announced that it’ll be increasing its prices for most commercial Office 365 and Microsoft 365 subscriptions globally. So, it is worth auditing the set of licenses inside the tenant and managing them efficiently. Previously, we export license reports using the MS Online module, due to the deprecation, let us look at Microsoft Graph PowerShell cmdlets that will help you get Office 365 license reports. 

Let me help! Here are some cmdlets that will help you to get Office 365 license reports. 

Firstly, to get the list of all Microsoft 365 licenses used in the tenant, use the following cmdlet: 

Get-MgSubscribedSku

get license details using Microsoft Graph PowerShell

Checking on the licensed and unlicensed users is a must because it lets you find how many licensed and unlicensed users are available in the tenant. 

To get a list of all licensed users, use the following cmdlet: 

Get-MgUser -All | Where-Object {($_.AssignedLicenses.Count) -ne 0}  

To get a list of all unlicensed users, use the following cmdlet: 

Get-MgUser -All | Where-Object {($_.AssignedLicenses.Count) -eq 0 }  

If you’re about to find license assignment details of specific users, run this cmdlet. 

Get-MgUserLicenseDetail -UserId <User ID> | Format-List 

In another case, to get a list of users with specific license, you can perform it as follow. This example gets users with an E3 license, 

Get-Mguser -All | Where-Object{(($_.AssignedLicenses).SkuId) -eq <E3 SKU ID>}

 

Microsoft Graph PowerShell Cmdlets for Groups Reporting: 

Office 365 group reports help you gain a comprehensive picture of groups and their activities. But due to the deprecation of Azure AD cmdlets, we have to look at counterpart Microsoft Graph PowerShell cmdlets. 

No worries! This section will answer your queries. Let us now see how to get Office 365 groups objects and properties using MS Graph PowerShell SDK in this section.  

Get-MgGroup cmdlet displays the details of Office 365 Groups. To get a list of all groups with the default information about Id, DisplayName, and Description, run the following cmdlet: 

Get-MgGroup –All

Suppose you want to find only the security-enabled groups; you can use the –Filter parameter and find the mail-enabled groups in Office 365. 

Get-MgGroup –Filter “securityEnabled eq true” -All

 

Get Office 365 Group Membership Using MS Graph PowerShell: 

Being aware of Office 365 group members is an important step because doing so will make further group-related activities easier. The Get-MgGroupMember cmdlet enables you to get group membership in the MS graph. To view all the group members of a particular group, use the following cmdlet: 

Get-MgGroupMember -GroupId <GroupId> | select AdditionalProperties | foreach {$_.AdditionalProperties.mail}

Get Office 365 Group Membership Reports Using Microsoft Graph PowerShell

To get the Office 365 groups a user is a member of, use the below cmdlet:

Get-MgUserMemberOf -UserId <User ID> | foreach {$_.AdditionalProperties.displayName}

The below cmdlet helps to identify in which groups the given group is a member,

Get-MgGroupMemberOf -GroupId <Group ID> | foreach {$_.AdditionalProperties}

After identifying the group membership, it is necessary to find the Office 365 Group owner. So, to find the group owner, run the following cmdlet.

Get-MgGroupOwner -GroupId <Group ID> | foreach {$_.AdditionalProperties.userPrincipalName}

 

Export Microsoft 365 Reports to a CSV: 

It’ll be hard to analyze the detailed reports in the PowerShell window for a large enterprise.  So, using the Export-CSV cmdlet, you can export the reports to a CSV file.  

Here is an example of how to export Microsoft 365 reports to CSV. In this case, we exported the list of all Microsoft 365 users to a CSV file. You have to combine the above-mentioned cmdlets with the Export-CSV cmdlet. 

Get-MgUser -All | Select DisplayName,UserPrincipalName,JobTitle| Export-CSV -Path "C:\ExportDetails.CSV" -NoTypeInformation

The exported report looks similar to the screenshot below.
export office 365 users to CSV

 

View Microsoft 365 reports in Grid View:

 

In Grid View, you have an interactive table in which user information will be displayed, and you can filter the information as per your need. Use the Out-GridView cmdlet in combination with other cmdlets to view the information of your choice in grid view.  

To view the list of users in the tenant in grid view, use the following cmdlet: 

Get-MgUser –All | Out-GridView

Microsoft 365 grid view reports

To work with Microsoft Graph PowerShell cmdlets may seem complicated at first. But it is preferable to invest in Microsoft Graph since it provides APIs for a myriad of services and will help in the potential development of identity management.  

However, if you want to generate Office 365 reports with a few mouse clicks, check out the Free Microsoft 365 reporting tool by AdminDroid. The tool provides user-friendly interface and 100+ free reports & dashboards on Microsoft 365 users, licenses, groups, group membership & changes, user logins, password changes, etc. 

Finally, I hope I’ve covered most required Microsoft Graph cmdlets to generate Azure AD reports. If you have any further queries, reach out in the comment section. We’re sure to help you! 

 

Top 10 Microsoft Graph PowerShell Cmdlets for Office 365 Admins

by Pavithra time to read: 5 min
0