Note
Access to this page requires authorization. You can try signing in or .
Access to this page requires authorization. You can try .
Get-AzureADDirectoryRole
- Module:
- AzureAD Module
Gets a directory role.
Syntax
GetQuery (Default)
Get-AzureADDirectoryRole
[-Filter <String>]
[-InformationAction <ActionPreference>]
[-InformationVariable <String>]
[<CommonParameters>]
GetById
Get-AzureADDirectoryRole
-ObjectId <String>
[-InformationAction <ActionPreference>]
[-InformationVariable <String>]
[<CommonParameters>]
Description
The Get-AzureADDirectoryRole cmdlet gets a directory role from Azure Active Directory (AD).
Examples
Example 1: Get a directory role by ID
PS C:\>Get-AzureADDirectoryRole -ObjectId "62e90394-69f5-4237-9190-012177145e10"
ObjectId DisplayName Description
-------- ----------- -----------
62e90394-69f5-4237-9190-012177145e10 Global Administrator Can manage all aspects of Azure AD and Microsoft services that use Azure AD identities.
Example 2: Get all directory roles
PS C:\>Get-AzureADDirectoryRole
ObjectId DisplayName Description
-------- ----------- -----------
62e90394-69f5-4237-9190-012177145e10 Global Administrator Can manage all aspects of Azure AD and Microsoft services that use Azure AD identities.
2b3a80bc-51a4-476d-8e09-cd8b6cdde5ea Directory Writers Can read and write basic directory information. For granting access to applications, not intended for users.
526b7173-5a6e-49dc-88ec-b677a9093709 User Administrator Can manage all aspects of users and groups, including resetting passwords for limited admins.
542f5aef-b23f-4e34-a838-6f2b9205b3d6 Directory Synchronization Accounts Only used by Azure AD Connect service.
68239fa3-6b01-4396-aeb4-6af38a1b6abf Directory Readers Can read basic directory information. Commonly used to grant directory read access to applications and guests.
8c6a5c45-e93e-4f2b-81be-b57ad4c43ddd Privileged Role Administrator Can manage role assignments in Azure AD, and all aspects of Privileged Identity Management.
8f8a1cf4-d535-4ccd-8552-7267c7ee0a88 Helpdesk Administrator Can reset passwords for non-administrators and Helpdesk Administrators.
d96eb2b3-0970-4827-8f26-6008efd86511 Security Administrator Can read security information and reports, and manage configuration in Azure AD and Office 365.
Parameters
-Filter
The oData v3.0 filter statement. Controls which objects are returned.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
-InformationAction
Specifies how this cmdlet responds to an information event.
The acceptable values for this parameter are:
- Continue
- Ignore
- Inquire
- SilentlyContinue
- Stop
- Suspend
Parameter properties
| Type: | ActionPreference |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | infa |
Parameter sets
-InformationVariable
Specifies an information variable.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
| Aliases: | iv |
Parameter sets
-ObjectId
Specifies the ID of a directory role in Azure AD.
Parameter properties
| Type: | String |
| Default value: | None |
| Supports wildcards: | False |
| DontShow: | False |
Parameter sets
CommonParameters
This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutBuffer, -OutVariable, -PipelineVariable, -ProgressAction, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.
Notes
See the migration guide for Get-AzureADDirectoryRole to the Microsoft Graph PowerShell.
Related Links
Feedback
Was this page helpful?