Share via


Microsoft.Graph.Identity.DirectoryManagement Module

Microsoft Graph PowerShell Cmdlets

Microsoft.Graph.Identity.DirectoryManagement Cmdlets

Cmdlet Description
Confirm-MgContactMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaContactMemberGroup

Confirm-MgContactMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaContactMemberObject

Confirm-MgContractMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaContractMemberGroup

Confirm-MgContractMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaContractMemberObject

Confirm-MgDeviceMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDeviceMemberGroup

Confirm-MgDeviceMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDeviceMemberObject

Confirm-MgDirectoryDeletedItemMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryDeletedItemMemberGroup

Confirm-MgDirectoryDeletedItemMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryDeletedItemMemberObject

Confirm-MgDirectoryRoleMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryRoleMemberGroup

Confirm-MgDirectoryRoleMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryRoleMemberObject

Confirm-MgDirectoryRoleTemplateMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryRoleTemplateMemberGroup

Confirm-MgDirectoryRoleTemplateMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDirectoryRoleTemplateMemberObject

Confirm-MgDomain

Validate the ownership of a domain. This operation only applies to an unverified domain. For an unverified domain, the isVerified property is false.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaDomain

Confirm-MgOrganizationMemberGroup

Check for membership in a specified list of group IDs, and return from that list the IDs of groups where a specified object is a member. The specified object can be of one of the following types:- user- group- service principal- organizational contact- device- directory object This function is transitive. You can check up to a maximum of 20 groups per request. This function supports all groups provisioned in Microsoft Entra ID. Because Microsoft 365 groups cannot contain other groups, membership in a Microsoft 365 group is always direct.

Note

To view the beta release of this cmdlet, view Confirm-MgBetaOrganizationMemberGroup

Confirm-MgOrganizationMemberObject

Invoke action checkMemberObjects

Note

To view the beta release of this cmdlet, view Confirm-MgBetaOrganizationMemberObject

Find-MgTenantRelationshipTenantInformationByDomainName

Given a domain name, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use the tenantId to configure cross-tenant access settings between you and the tenant.

Note

To view the beta release of this cmdlet, view Find-MgBetaTenantRelationshipTenantInformationByDomainName

Find-MgTenantRelationshipTenantInformationByTenantId

Given a tenant ID, search for a tenant and read its tenantInformation. You can use this API to validate tenant information and use the tenantId to configure cross-tenant cross-tenant access settings between you and the tenant.

Note

To view the beta release of this cmdlet, view Find-MgBetaTenantRelationshipTenantInformationByTenantId

Get-MgAdminPeople

Retrieve the properties and relationships of a peopleAdminSettings object.

Note

To view the beta release of this cmdlet, view Get-MgBetaAdminPeople

Get-MgAdminPeopleItemInsight

Get the properties of an insightsSettings object to display or return item insights in an organization. To learn how to customize the privacy of item insights in an organization, see Customize item insights privacy in Microsoft Graph.

Note

To view the beta release of this cmdlet, view Get-MgBetaAdminPeopleItemInsight

Get-MgAdminPeopleProfileCardProperty

Retrieve the properties of a profileCardProperty entity. The profileCardProperty is identified by its directoryPropertyName property.

Note

To view the beta release of this cmdlet, view Get-MgBetaAdminPeopleProfileCardProperty

Get-MgAdminPeopleProfileCardPropertyCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaAdminPeopleProfileCardPropertyCount

Get-MgAdminPeoplePronoun

Get the properties of the pronounsSettings resource for an organization. For more information on settings to manage pronouns support, see Manage pronouns settings for an organization using the Microsoft Graph API.

Note

To view the beta release of this cmdlet, view Get-MgBetaAdminPeoplePronoun

Get-MgContact

Get the properties and relationships of an organizational contact.

Note

To view the beta release of this cmdlet, view Get-MgBetaContact

Get-MgContactById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaContactById

Get-MgContactCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactCount

Get-MgContactDelta

Get newly created, updated, or deleted organizational contacts without having to perform a full read of the entire collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDelta

Get-MgContactDirectReport

The contact's direct reports. (The users and contacts that have their manager property set to this contact.) Read-only. Nullable. Supports $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReport

Get-MgContactDirectReportAsOrgContact

Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReportAsOrgContact

Get-MgContactDirectReportAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReportAsUser

Get-MgContactDirectReportCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReportCount

Get-MgContactDirectReportCountAsOrgContact

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReportCountAsOrgContact

Get-MgContactDirectReportCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactDirectReportCountAsUser

Get-MgContactManager

Get this organizational contact's manager.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactManager

Get-MgContactMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberGroup

Get-MgContactMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberObject

Get-MgContactMemberOf

Groups that this contact is a member of. Read-only. Nullable. Supports $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOf

Get-MgContactMemberOfAsAdministrativeUnit

Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOfAsAdministrativeUnit

Get-MgContactMemberOfAsGroup

Get the item of type microsoft.graph.directoryObject as microsoft.graph.group

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOfAsGroup

Get-MgContactMemberOfCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOfCount

Get-MgContactMemberOfCountAsAdministrativeUnit

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOfCountAsAdministrativeUnit

Get-MgContactMemberOfCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactMemberOfCountAsGroup

Get-MgContactServiceProvisioningError

Errors published by a federated service describing a non-transient, service-specific error regarding the properties or link from an organizational contact object . Supports $filter (eq, not, for isResolved and serviceInstance).

Note

To view the beta release of this cmdlet, view Get-MgBetaContactServiceProvisioningError

Get-MgContactServiceProvisioningErrorCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactServiceProvisioningErrorCount

Get-MgContactTransitiveMemberOf

Groups that this contact is a member of, including groups that the contact is nested under. Read-only. Nullable.

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOf

Get-MgContactTransitiveMemberOfAsAdministrativeUnit

Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOfAsAdministrativeUnit

Get-MgContactTransitiveMemberOfAsGroup

Get the item of type microsoft.graph.directoryObject as microsoft.graph.group

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOfAsGroup

Get-MgContactTransitiveMemberOfCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOfCount

Get-MgContactTransitiveMemberOfCountAsAdministrativeUnit

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOfCountAsAdministrativeUnit

Get-MgContactTransitiveMemberOfCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContactTransitiveMemberOfCountAsGroup

Get-MgContract

Retrieve the properties and relationships of contract object.

Note

To view the beta release of this cmdlet, view Get-MgBetaContract

Get-MgContractById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaContractById

Get-MgContractCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaContractCount

Get-MgContractDelta

Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaContractDelta

Get-MgContractMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaContractMemberGroup

Get-MgContractMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaContractMemberObject

Get-MgDevice

Get the properties and relationships of a device object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDevice

Get-MgDeviceByDeviceId

Get the properties and relationships of a device object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceByDeviceId

Get-MgDeviceById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceById

Get-MgDeviceCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceCount

Get-MgDeviceDelta

Get newly created, updated, or deleted devices without performing a full read of the entire resource collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceDelta

Get-MgDeviceExtension

The collection of open extensions defined for the device. Read-only. Nullable.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceExtension

Get-MgDeviceExtensionCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceExtensionCount

Get-MgDeviceMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberGroup

Get-MgDeviceMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberObject

Get-MgDeviceMemberOf

Groups and administrative units that this device is a member of. Read-only. Nullable. Supports $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOf

Get-MgDeviceMemberOfAsAdministrativeUnit

Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOfAsAdministrativeUnit

Get-MgDeviceMemberOfAsGroup

Get groups and administrative units that this device is a direct member of. This operation is not transitive.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOfAsGroup

Get-MgDeviceMemberOfCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOfCount

Get-MgDeviceMemberOfCountAsAdministrativeUnit

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOfCountAsAdministrativeUnit

Get-MgDeviceMemberOfCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceMemberOfCountAsGroup

Get-MgDeviceRegisteredOwner

Retrieve a list of users that are registered owners of the device. A registered owner is the user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Currently, there can be only one owner.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwner

Get-MgDeviceRegisteredOwnerAsAppRoleAssignment

Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerAsAppRoleAssignment

Get-MgDeviceRegisteredOwnerAsEndpoint

Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerAsEndpoint

Get-MgDeviceRegisteredOwnerAsServicePrincipal

Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerAsServicePrincipal

Get-MgDeviceRegisteredOwnerAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerAsUser

Get-MgDeviceRegisteredOwnerByRef

Retrieve a list of users that are registered owners of the device. A registered owner is the user that cloud joined the device or registered their personal device. The registered owner is set at the time of registration. Currently, there can be only one owner.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerByRef

Get-MgDeviceRegisteredOwnerCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerCount

Get-MgDeviceRegisteredOwnerCountAsAppRoleAssignment

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerCountAsAppRoleAssignment

Get-MgDeviceRegisteredOwnerCountAsEndpoint

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerCountAsEndpoint

Get-MgDeviceRegisteredOwnerCountAsServicePrincipal

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerCountAsServicePrincipal

Get-MgDeviceRegisteredOwnerCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredOwnerCountAsUser

Get-MgDeviceRegisteredUser

Retrieve a list of users that are registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUser

Get-MgDeviceRegisteredUserAsAppRoleAssignment

Get the item of type microsoft.graph.directoryObject as microsoft.graph.appRoleAssignment

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserAsAppRoleAssignment

Get-MgDeviceRegisteredUserAsEndpoint

Get the item of type microsoft.graph.directoryObject as microsoft.graph.endpoint

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserAsEndpoint

Get-MgDeviceRegisteredUserAsServicePrincipal

Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserAsServicePrincipal

Get-MgDeviceRegisteredUserAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserAsUser

Get-MgDeviceRegisteredUserByRef

Retrieve a list of users that are registered users of the device. For cloud joined devices and registered personal devices, registered users are set to the same value as registered owners at the time of registration.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserByRef

Get-MgDeviceRegisteredUserCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserCount

Get-MgDeviceRegisteredUserCountAsAppRoleAssignment

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserCountAsAppRoleAssignment

Get-MgDeviceRegisteredUserCountAsEndpoint

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserCountAsEndpoint

Get-MgDeviceRegisteredUserCountAsServicePrincipal

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserCountAsServicePrincipal

Get-MgDeviceRegisteredUserCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceRegisteredUserCountAsUser

Get-MgDeviceTransitiveMemberOf

Groups and administrative units that the device is a member of. This operation is transitive. Supports $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOf

Get-MgDeviceTransitiveMemberOfAsAdministrativeUnit

Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOfAsAdministrativeUnit

Get-MgDeviceTransitiveMemberOfAsGroup

Get the groups and administrative units that the device is a member of. This API request is transitive, and will also return all groups and administrative units the device is a nested member of.

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOfAsGroup

Get-MgDeviceTransitiveMemberOfCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOfCount

Get-MgDeviceTransitiveMemberOfCountAsAdministrativeUnit

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOfCountAsAdministrativeUnit

Get-MgDeviceTransitiveMemberOfCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDeviceTransitiveMemberOfCountAsGroup

Get-MgDirectory

Get directory

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectory

Get-MgDirectoryAdministrativeUnit

Retrieve the properties and relationships of an administrativeUnit object. The administrativeUnit resource supports extensions, which also allows you to use the GET operation to get custom properties and extension data in an administrativeUnit instance.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnit

Get-MgDirectoryAdministrativeUnitCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitCount

Get-MgDirectoryAdministrativeUnitDelta

Invoke function delta

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitDelta

Get-MgDirectoryAdministrativeUnitExtension

The collection of open extensions defined for this administrative unit. Nullable.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitExtension

Get-MgDirectoryAdministrativeUnitExtensionCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitExtensionCount

Get-MgDirectoryAdministrativeUnitMember

Use this API to get the members list (users, groups, or devices) in an administrative unit.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMember

Get-MgDirectoryAdministrativeUnitMemberAsApplication

Get the item of type microsoft.graph.directoryObject as microsoft.graph.application

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsApplication

Get-MgDirectoryAdministrativeUnitMemberAsDevice

Get the item of type microsoft.graph.directoryObject as microsoft.graph.device

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsDevice

Get-MgDirectoryAdministrativeUnitMemberAsGroup

Get the item of type microsoft.graph.directoryObject as microsoft.graph.group

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsGroup

Get-MgDirectoryAdministrativeUnitMemberAsOrgContact

Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsOrgContact

Get-MgDirectoryAdministrativeUnitMemberAsServicePrincipal

Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsServicePrincipal

Get-MgDirectoryAdministrativeUnitMemberAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberAsUser

Get-MgDirectoryAdministrativeUnitMemberByRef

Use this API to get the members list (users, groups, or devices) in an administrative unit.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberByRef

Get-MgDirectoryAdministrativeUnitMemberCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCount

Get-MgDirectoryAdministrativeUnitMemberCountAsApplication

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsApplication

Get-MgDirectoryAdministrativeUnitMemberCountAsDevice

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsDevice

Get-MgDirectoryAdministrativeUnitMemberCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsGroup

Get-MgDirectoryAdministrativeUnitMemberCountAsOrgContact

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsOrgContact

Get-MgDirectoryAdministrativeUnitMemberCountAsServicePrincipal

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsServicePrincipal

Get-MgDirectoryAdministrativeUnitMemberCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitMemberCountAsUser

Get-MgDirectoryAdministrativeUnitScopedRoleMember

Get a Microsoft Entra role assignment with administrative unit scope.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitScopedRoleMember

Get-MgDirectoryAdministrativeUnitScopedRoleMemberCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAdministrativeUnitScopedRoleMemberCount

Get-MgDirectoryAttributeSet

Read the properties and relationships of an attributeSet object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAttributeSet

Get-MgDirectoryAttributeSetCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryAttributeSetCount

Get-MgDirectoryCustomSecurityAttributeDefinition

Read the properties and relationships of a customSecurityAttributeDefinition object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryCustomSecurityAttributeDefinition

Get-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue

Read the properties and relationships of an allowedValue object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue

Get-MgDirectoryCustomSecurityAttributeDefinitionAllowedValueCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValueCount

Get-MgDirectoryCustomSecurityAttributeDefinitionCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryCustomSecurityAttributeDefinitionCount

Get-MgDirectoryDeletedItem

Retrieve the properties of a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Retrieve the properties of a recently deleted directory object from deleted items. The following types are supported:- administrativeUnit- application- certificateBasedAuthPki- certificateAuthorityDetail- group- servicePrincipal- user

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItem

Get-MgDirectoryDeletedItemAsAdministrativeUnit

Get the item of type microsoft.graph.directoryObject as microsoft.graph.administrativeUnit

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsAdministrativeUnit

Get-MgDirectoryDeletedItemAsApplication

Get the item of type microsoft.graph.directoryObject as microsoft.graph.application

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsApplication

Get-MgDirectoryDeletedItemAsDevice

Get the item of type microsoft.graph.directoryObject as microsoft.graph.device

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsDevice

Get-MgDirectoryDeletedItemAsGroup

Retrieve a list of recently deleted directory objects. Currently, deleted items functionality is only supported for the application, servicePrincipal, group, administrative unit, and user resources. Retrieve a list of recently deleted directory objects from deleted items. The following types are supported:- administrativeUnit- application- certificateBasedAuthPki- certificateAuthorityDetail- group- servicePrincipal- user

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsGroup

Get-MgDirectoryDeletedItemAsServicePrincipal

Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsServicePrincipal

Get-MgDirectoryDeletedItemAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemAsUser

Get-MgDirectoryDeletedItemById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemById

Get-MgDirectoryDeletedItemCountAsAdministrativeUnit

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsAdministrativeUnit

Get-MgDirectoryDeletedItemCountAsApplication

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsApplication

Get-MgDirectoryDeletedItemCountAsDevice

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsDevice

Get-MgDirectoryDeletedItemCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsGroup

Get-MgDirectoryDeletedItemCountAsServicePrincipal

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsServicePrincipal

Get-MgDirectoryDeletedItemCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemCountAsUser

Get-MgDirectoryDeletedItemMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemMemberGroup

Get-MgDirectoryDeletedItemMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeletedItemMemberObject

Get-MgDirectoryDeviceLocalCredential

Retrieve the properties of a deviceLocalCredentialInfo for a specified device object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeviceLocalCredential

Get-MgDirectoryDeviceLocalCredentialCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryDeviceLocalCredentialCount

Get-MgDirectoryFederationConfiguration

Configure domain federation with organizations whose identity provider (IdP) supports either the SAML or WS-Fed protocol.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryFederationConfiguration

Get-MgDirectoryFederationConfigurationCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryFederationConfigurationCount

Get-MgDirectoryOnPremiseSynchronization

Read the properties and relationships of an onPremisesDirectorySynchronization object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryOnPremiseSynchronization

Get-MgDirectoryOnPremiseSynchronizationCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryOnPremiseSynchronizationCount

Get-MgDirectoryPublicKeyInfrastructure

The collection of public key infrastructure instances for the certificate-based authentication feature for users in a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryPublicKeyInfrastructure

Get-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Read the properties and relationships of a certificateBasedAuthPki object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Get-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCertificateAuthority

The collection of certificate authorities contained in this public key infrastructure resource.

Get-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCertificateAuthorityCount

Get the number of the resource

Get-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCount

Get the number of the resource

Get-MgDirectoryRole

Retrieve the properties of a directoryRole object. The role must be activated in tenant for a successful response. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRole

Get-MgDirectoryRoleById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleById

Get-MgDirectoryRoleByRoleTemplateId

Retrieve the properties of a directoryRole object. The role must be activated in tenant for a successful response. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleByRoleTemplateId

Get-MgDirectoryRoleCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleCount

Get-MgDirectoryRoleDelta

Get newly created, updated, or deleted directory roles without having to perform a full read of the entire resource collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleDelta

Get-MgDirectoryRoleMember

Retrieve the list of principals that are assigned to the directory role. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMember

Get-MgDirectoryRoleMemberAsApplication

Get the item of type microsoft.graph.directoryObject as microsoft.graph.application

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsApplication

Get-MgDirectoryRoleMemberAsDevice

Get the item of type microsoft.graph.directoryObject as microsoft.graph.device

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsDevice

Get-MgDirectoryRoleMemberAsGroup

Get the item of type microsoft.graph.directoryObject as microsoft.graph.group

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsGroup

Get-MgDirectoryRoleMemberAsOrgContact

Get the item of type microsoft.graph.directoryObject as microsoft.graph.orgContact

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsOrgContact

Get-MgDirectoryRoleMemberAsServicePrincipal

Get the item of type microsoft.graph.directoryObject as microsoft.graph.servicePrincipal

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsServicePrincipal

Get-MgDirectoryRoleMemberAsUser

Get the item of type microsoft.graph.directoryObject as microsoft.graph.user

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberAsUser

Get-MgDirectoryRoleMemberByRef

Retrieve the list of principals that are assigned to the directory role. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberByRef

Get-MgDirectoryRoleMemberCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCount

Get-MgDirectoryRoleMemberCountAsApplication

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsApplication

Get-MgDirectoryRoleMemberCountAsDevice

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsDevice

Get-MgDirectoryRoleMemberCountAsGroup

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsGroup

Get-MgDirectoryRoleMemberCountAsOrgContact

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsOrgContact

Get-MgDirectoryRoleMemberCountAsServicePrincipal

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsServicePrincipal

Get-MgDirectoryRoleMemberCountAsUser

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberCountAsUser

Get-MgDirectoryRoleMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberGroup

Get-MgDirectoryRoleMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleMemberObject

Get-MgDirectoryRoleScopedMember

Members of this directory role that are scoped to administrative units. Read-only. Nullable.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleScopedMember

Get-MgDirectoryRoleScopedMemberCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleScopedMemberCount

Get-MgDirectoryRoleTemplate

Retrieve the properties and relationships of a directoryroletemplate object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplate

Get-MgDirectoryRoleTemplateById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplateById

Get-MgDirectoryRoleTemplateCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplateCount

Get-MgDirectoryRoleTemplateDelta

Get newly created, updated, or deleted directory objects without performing a full read of the entire directoryObject collection. For more information, see Use delta query to track changes in Microsoft Graph data for details.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplateDelta

Get-MgDirectoryRoleTemplateMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplateMemberGroup

Get-MgDirectoryRoleTemplateMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectoryRoleTemplateMemberObject

Get-MgDirectorySubscription

Get a specific commercial subscription that an organization acquired.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectorySubscription

Get-MgDirectorySubscriptionByCommerceSubscriptionId

Get a specific commercial subscription that an organization acquired.

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectorySubscriptionByCommerceSubscriptionId

Get-MgDirectorySubscriptionCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDirectorySubscriptionCount

Get-MgDomain

Retrieve the properties and relationships of domain object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomain

Get-MgDomainCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainCount

Get-MgDomainFederationConfiguration

Read the properties and relationships of an internalDomainFederation object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainFederationConfiguration

Get-MgDomainFederationConfigurationCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainFederationConfigurationCount

Get-MgDomainNameReference

The objects such as users and groups that reference the domain ID. Read-only, Nullable. Doesn't support $expand. Supports $filter by the OData type of objects returned. For example, /domains/{domainId}/domainNameReferences/microsoft.graph.user and /domains/{domainId}/domainNameReferences/microsoft.graph.group.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainNameReference

Get-MgDomainNameReferenceCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainNameReferenceCount

Get-MgDomainRootDomain

Get the root domain of a subdomain. This API returns a single object.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainRootDomain

Get-MgDomainServiceConfigurationRecord

DNS records the customer adds to the DNS zone file of the domain before the domain can be used by Microsoft Online services. Read-only, Nullable. Doesn't support $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainServiceConfigurationRecord

Get-MgDomainServiceConfigurationRecordCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainServiceConfigurationRecordCount

Get-MgDomainVerificationDnsRecord

DNS records that the customer adds to the DNS zone file of the domain before the customer can complete domain ownership verification with Microsoft Entra ID. Read-only, Nullable. Doesn't support $expand.

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainVerificationDnsRecord

Get-MgDomainVerificationDnsRecordCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaDomainVerificationDnsRecordCount

Get-MgOrganization

Read properties and relationships of the organization object.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganization

Get-MgOrganizationBranding

Retrieve the default organizational branding object, if the Accept-Language header is set to 0 or default. If no default organizational branding object exists, this method returns a 404 Not Found error. If the Accept-Language header is set to an existing locale identified by the value of its id, this method retrieves the branding for the specified locale. This method retrieves only non-Stream properties, for example, usernameHintText and signInPageText. To retrieve Stream types of the default branding, for example, bannerLogo and backgroundImage, use the GET organizationalBrandingLocalization method.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBranding

Get-MgOrganizationBrandingBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingBackgroundImage

Get-MgOrganizationBrandingBannerLogo

A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingBannerLogo

Get-MgOrganizationBrandingCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingCustomCss

Get-MgOrganizationBrandingFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingFavicon

Get-MgOrganizationBrandingHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingHeaderLogo

Get-MgOrganizationBrandingLocalization

Read the properties and relationships of an organizationalBrandingLocalization object. To retrieve a localization branding object, specify the value of id in the URL.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalization

Get-MgOrganizationBrandingLocalizationBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationBackgroundImage

Get-MgOrganizationBrandingLocalizationBannerLogo

Read the properties and relationships of an organizationalBrandingLocalization object. To retrieve a localization branding object, specify the value of id in the URL.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationBannerLogo

Get-MgOrganizationBrandingLocalizationCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationCount

Get-MgOrganizationBrandingLocalizationCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationCustomCss

Get-MgOrganizationBrandingLocalizationFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationFavicon

Get-MgOrganizationBrandingLocalizationHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationHeaderLogo

Get-MgOrganizationBrandingLocalizationSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationSquareLogo

Get-MgOrganizationBrandingLocalizationSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingLocalizationSquareLogoDark

Get-MgOrganizationBrandingSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingSquareLogo

Get-MgOrganizationBrandingSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationBrandingSquareLogoDark

Get-MgOrganizationById

Return the directory objects specified in a list of IDs. Only a subset of user properties are returned by default in v1.0. Some common uses for this function are to:

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationById

Get-MgOrganizationCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationCount

Get-MgOrganizationExtension

The collection of open extensions defined for the organization. Read-only. Nullable.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationExtension

Get-MgOrganizationExtensionCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationExtensionCount

Get-MgOrganizationMemberGroup

Return all the group IDs for the groups that the specified user, group, service principal, organizational contact, device, or directory object is a member of. This function is transitive. This API returns up to 11,000 group IDs. If more than 11,000 results are available, it returns a 400 Bad Request error with the DirectoryResultSizeLimitExceeded error code. If you get the DirectoryResultSizeLimitExceeded error code, use the List group transitive memberOf API instead.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationMemberGroup

Get-MgOrganizationMemberObject

Return all IDs for the groups, administrative units, and directory roles that an object of one of the following types is a member of:- user- group- service principal- organizational contact- device- directory object This function is transitive. Only users and role-enabled groups can be members of directory roles.

Note

To view the beta release of this cmdlet, view Get-MgBetaOrganizationMemberObject

Get-MgSubscribedSku

Get a specific commercial subscription that an organization has acquired.

Note

To view the beta release of this cmdlet, view Get-MgBetaSubscribedSku

Get-MgUserScopedRoleMemberOf

Get scopedRoleMemberOf from users

Note

To view the beta release of this cmdlet, view Get-MgBetaUserScopedRoleMemberOf

Get-MgUserScopedRoleMemberOfCount

Get the number of the resource

Note

To view the beta release of this cmdlet, view Get-MgBetaUserScopedRoleMemberOfCount

Invoke-MgAvailableDirectoryFederationConfigurationProviderType

Get all identity providers supported in a directory.

Note

To view the beta release of this cmdlet, view Invoke-MgBetaAvailableDirectoryFederationConfigurationProviderType

Invoke-MgForceDomainDelete

Delete a domain using an asynchronous long-running operation. Before performing this operation, you must update or remove any references to Exchange as the provisioning service. The following actions are performed as part of this operation: After the domain deletion completes, API operations for the deleted domain return an HTTP 404 status code. To verify deletion of a domain, you can perform a get domain operation.

Note

To view the beta release of this cmdlet, view Invoke-MgBetaForceDomainDelete

Invoke-MgPromoteDomain

Promote a verified subdomain to the root domain. A verified domain has its isVerified property set to true.

Note

To view the beta release of this cmdlet, view Invoke-MgBetaPromoteDomain

Invoke-MgRetryContactServiceProvisioning

Invoke action retryServiceProvisioning

Note

To view the beta release of this cmdlet, view Invoke-MgBetaRetryContactServiceProvisioning

Invoke-MgUploadDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Append additional certificate authority details to a certificateBasedAuthPki resource. Only one operation can run at a time and this operation can take up to 30 minutes to complete. To know whether another upload is in progress, call the Get certificateBasedAuthPki. The status property will have the value running.

New-MgAdminPeopleProfileCardProperty

Create a new profileCardProperty for an organization. The new property is identified by its directoryPropertyName property. For more information about how to add properties to the profile card for an organization, see Add or remove custom attributes on a profile card using the profile card API.

Note

To view the beta release of this cmdlet, view New-MgBetaAdminPeopleProfileCardProperty

New-MgContract

Add new entity to contracts

Note

To view the beta release of this cmdlet, view New-MgBetaContract

New-MgDevice

Create and register a new device in the organization.

Note

To view the beta release of this cmdlet, view New-MgBetaDevice

New-MgDeviceExtension

Create new navigation property to extensions for devices

Note

To view the beta release of this cmdlet, view New-MgBetaDeviceExtension

New-MgDeviceRegisteredOwnerByRef

Add a user as a registered owner of the device.

Note

To view the beta release of this cmdlet, view New-MgBetaDeviceRegisteredOwnerByRef

New-MgDeviceRegisteredUserByRef

Add a registered user for the device.

Note

To view the beta release of this cmdlet, view New-MgBetaDeviceRegisteredUserByRef

New-MgDirectoryAdministrativeUnit

Create a new administrativeUnit.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAdministrativeUnit

New-MgDirectoryAdministrativeUnitExtension

Create new navigation property to extensions for directory

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAdministrativeUnitExtension

New-MgDirectoryAdministrativeUnitMember

Use this API to add a member (user, group, or device) to an administrative unit. Currently it's only possible to add one member at a time to an administrative unit.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAdministrativeUnitMember

New-MgDirectoryAdministrativeUnitMemberByRef

Use this API to add a member (user, group, or device) to an administrative unit. Currently it's only possible to add one member at a time to an administrative unit.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAdministrativeUnitMemberByRef

New-MgDirectoryAdministrativeUnitScopedRoleMember

Assign a Microsoft Entra role with administrative unit scope. For a list of roles that can be assigned with administrative unit scope, see Assign Microsoft Entra roles with administrative unit scope.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAdministrativeUnitScopedRoleMember

New-MgDirectoryAttributeSet

Create a new attributeSet object.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryAttributeSet

New-MgDirectoryCustomSecurityAttributeDefinition

Create a new customSecurityAttributeDefinition object.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryCustomSecurityAttributeDefinition

New-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue

Create a new allowedValue object.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue

New-MgDirectoryDeviceLocalCredential

Create new navigation property to deviceLocalCredentials for directory

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryDeviceLocalCredential

New-MgDirectoryFederationConfiguration

Create new navigation property to federationConfigurations for directory

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryFederationConfiguration

New-MgDirectoryOnPremiseSynchronization

Create new navigation property to onPremisesSynchronization for directory

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryOnPremiseSynchronization

New-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Create a new certificateBasedAuthPki object.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

New-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCertificateAuthority

Create a new certificateAuthorityDetail object.

New-MgDirectoryRole

Activate a directory role. To read a directory role or update its members, it must first be activated in the tenant. The Company Administrators and the implicit user directory roles (User, Guest User, and Restricted Guest User roles) are activated by default. To access and assign members to other directory roles, you must first activate it with its corresponding directory role template ID.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryRole

New-MgDirectoryRoleMemberByRef

Create a new directory role member. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryRoleMemberByRef

New-MgDirectoryRoleScopedMember

Create new navigation property to scopedMembers for directoryRoles

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryRoleScopedMember

New-MgDirectoryRoleTemplate

Add new entity to directoryRoleTemplates

Note

To view the beta release of this cmdlet, view New-MgBetaDirectoryRoleTemplate

New-MgDirectorySubscription

Create new navigation property to subscriptions for directory

Note

To view the beta release of this cmdlet, view New-MgBetaDirectorySubscription

New-MgDomain

Adds a domain to the tenant. Important: You cannot use an associated domain with your Microsoft Entra tenant until ownership is verified. See List verificationDnsRecords for details. Root domains require verification. For example, contoso.com requires verification. If a root domain is verified, subdomains of the root domain are automatically verified. For example, subdomain.contoso.com is automatically be verified if contoso.com has been verified.

Note

To view the beta release of this cmdlet, view New-MgBetaDomain

New-MgDomainFederationConfiguration

Create a new internalDomainFederation object.

Note

To view the beta release of this cmdlet, view New-MgBetaDomainFederationConfiguration

New-MgDomainServiceConfigurationRecord

Create new navigation property to serviceConfigurationRecords for domains

Note

To view the beta release of this cmdlet, view New-MgBetaDomainServiceConfigurationRecord

New-MgDomainVerificationDnsRecord

Create new navigation property to verificationDnsRecords for domains

Note

To view the beta release of this cmdlet, view New-MgBetaDomainVerificationDnsRecord

New-MgOrganization

Add new entity to organization

Note

To view the beta release of this cmdlet, view New-MgBetaOrganization

New-MgOrganizationBrandingLocalization

Create a new organizationalBrandingLocalization object. This creates a localized branding and at the same time, the default branding if it doesn't exist. The default branding is created only once. It's loaded when a localized branding isn't configured for the user's browser language. To retrieve the default branding, see Get branding.

Note

To view the beta release of this cmdlet, view New-MgBetaOrganizationBrandingLocalization

New-MgOrganizationExtension

Create new navigation property to extensions for organization

Note

To view the beta release of this cmdlet, view New-MgBetaOrganizationExtension

New-MgSubscribedSku

Add new entity to subscribedSkus

Note

To view the beta release of this cmdlet, view New-MgBetaSubscribedSku

New-MgUserScopedRoleMemberOf

Create new navigation property to scopedRoleMemberOf for users

Note

To view the beta release of this cmdlet, view New-MgBetaUserScopedRoleMemberOf

Remove-MgAdminPeopleItemInsight

Delete navigation property itemInsights for admin

Note

To view the beta release of this cmdlet, view Remove-MgBetaAdminPeopleItemInsight

Remove-MgAdminPeopleProfileCardProperty

Delete the profileCardProperty object specified by its directoryPropertyName from the organization's profile card, and remove any localized customizations for that property.

Note

To view the beta release of this cmdlet, view Remove-MgBetaAdminPeopleProfileCardProperty

Remove-MgContract

Delete entity from contracts

Note

To view the beta release of this cmdlet, view Remove-MgBetaContract

Remove-MgDevice

Delete a registered device.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDevice

Remove-MgDeviceByDeviceId

Delete a registered device.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDeviceByDeviceId

Remove-MgDeviceExtension

Delete navigation property extensions for devices

Note

To view the beta release of this cmdlet, view Remove-MgBetaDeviceExtension

Remove-MgDeviceRegisteredOwnerDirectoryObjectByRef

Remove a user as a registered owner of the device.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDeviceRegisteredOwnerDirectoryObjectByRef

Remove-MgDeviceRegisteredUserDirectoryObjectByRef

Remove a user as a registered user of the device.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDeviceRegisteredUserDirectoryObjectByRef

Remove-MgDirectoryAdministrativeUnit

Delete an administrativeUnit.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryAdministrativeUnit

Remove-MgDirectoryAdministrativeUnitExtension

Delete navigation property extensions for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryAdministrativeUnitExtension

Remove-MgDirectoryAdministrativeUnitMemberDirectoryObjectByRef

Use this API to remove a member (user, group, or device) from an administrative unit.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryAdministrativeUnitMemberDirectoryObjectByRef

Remove-MgDirectoryAdministrativeUnitScopedRoleMember

Remove a Microsoft Entra role assignment with administrative unit scope.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryAdministrativeUnitScopedRoleMember

Remove-MgDirectoryAttributeSet

Delete navigation property attributeSets for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryAttributeSet

Remove-MgDirectoryCustomSecurityAttributeDefinition

Delete navigation property customSecurityAttributeDefinitions for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryCustomSecurityAttributeDefinition

Remove-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue

Delete navigation property allowedValues for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue

Remove-MgDirectoryDeletedItem

Permanently delete a recently deleted application, group, servicePrincipal, or user object from deleted items. After an item is permanently deleted, it cannot be restored. Permanently delete a recently deleted directory object from deleted items. The following types are supported:- certificateBasedAuthPki- certificateAuthorityDetail After an item is permanently deleted, it cannot be restored. Administrative units cannot be permanently deleted by using the deletedItems API. Soft-deleted administrative units will be permanently deleted 30 days after initial deletion unless they are restored.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryDeletedItem

Remove-MgDirectoryDeviceLocalCredential

Delete navigation property deviceLocalCredentials for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryDeviceLocalCredential

Remove-MgDirectoryFederationConfiguration

Delete a samlOrWsFedExternalDomainFederation object.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryFederationConfiguration

Remove-MgDirectoryOnPremiseSynchronization

Delete navigation property onPremisesSynchronization for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryOnPremiseSynchronization

Remove-MgDirectoryPublicKeyInfrastructure

Delete navigation property publicKeyInfrastructure for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryPublicKeyInfrastructure

Remove-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Delete a certificateBasedAuthPki object.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Remove-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCertificateAuthority

Delete a certificateAuthorityDetail object.

Remove-MgDirectoryRole

Delete entity from directoryRoles

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryRole

Remove-MgDirectoryRoleByRoleTemplateId

Delete entity from directoryRoles by roleTemplateId

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryRoleByRoleTemplateId

Remove-MgDirectoryRoleMemberDirectoryObjectByRef

Remove a member from a directoryRole. You can use both the object ID and template ID of the directoryRole with this API. The template ID of a built-in role is immutable and can be seen in the role description on the Microsoft Entra admin center. For details, see Role template IDs.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryRoleMemberDirectoryObjectByRef

Remove-MgDirectoryRoleScopedMember

Delete navigation property scopedMembers for directoryRoles

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryRoleScopedMember

Remove-MgDirectoryRoleTemplate

Delete entity from directoryRoleTemplates

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectoryRoleTemplate

Remove-MgDirectorySubscription

Delete navigation property subscriptions for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectorySubscription

Remove-MgDirectorySubscriptionByCommerceSubscriptionId

Delete navigation property subscriptions for directory

Note

To view the beta release of this cmdlet, view Remove-MgBetaDirectorySubscriptionByCommerceSubscriptionId

Remove-MgDomain

Delete a domain from a tenant.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDomain

Remove-MgDomainFederationConfiguration

Delete an internalDomainFederation object.

Note

To view the beta release of this cmdlet, view Remove-MgBetaDomainFederationConfiguration

Remove-MgDomainServiceConfigurationRecord

Delete navigation property serviceConfigurationRecords for domains

Note

To view the beta release of this cmdlet, view Remove-MgBetaDomainServiceConfigurationRecord

Remove-MgDomainVerificationDnsRecord

Delete navigation property verificationDnsRecords for domains

Note

To view the beta release of this cmdlet, view Remove-MgBetaDomainVerificationDnsRecord

Remove-MgOrganization

Delete entity from organization

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganization

Remove-MgOrganizationBranding

Delete the default organizational branding object. To delete the organizationalBranding object, all images (Stream types) must first be removed from the object.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBranding

Remove-MgOrganizationBrandingBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingBackgroundImage

Remove-MgOrganizationBrandingBannerLogo

A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingBannerLogo

Remove-MgOrganizationBrandingCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingCustomCss

Remove-MgOrganizationBrandingFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingFavicon

Remove-MgOrganizationBrandingHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingHeaderLogo

Remove-MgOrganizationBrandingLocalization

Delete a localized branding object. To delete the organizationalBrandingLocalization object, all images (Stream types) must first be removed from the object.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalization

Remove-MgOrganizationBrandingLocalizationBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationBackgroundImage

Remove-MgOrganizationBrandingLocalizationBannerLogo

A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationBannerLogo

Remove-MgOrganizationBrandingLocalizationCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationCustomCss

Remove-MgOrganizationBrandingLocalizationFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationFavicon

Remove-MgOrganizationBrandingLocalizationHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationHeaderLogo

Remove-MgOrganizationBrandingLocalizationSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationSquareLogo

Remove-MgOrganizationBrandingLocalizationSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingLocalizationSquareLogoDark

Remove-MgOrganizationBrandingSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingSquareLogo

Remove-MgOrganizationBrandingSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationBrandingSquareLogoDark

Remove-MgOrganizationExtension

Delete navigation property extensions for organization

Note

To view the beta release of this cmdlet, view Remove-MgBetaOrganizationExtension

Remove-MgSubscribedSku

Delete entity from subscribedSkus

Note

To view the beta release of this cmdlet, view Remove-MgBetaSubscribedSku

Remove-MgUserScopedRoleMemberOf

Delete navigation property scopedRoleMemberOf for users

Note

To view the beta release of this cmdlet, view Remove-MgBetaUserScopedRoleMemberOf

Restore-MgDirectoryDeletedItem

Restore a recently deleted application, group, servicePrincipal, administrative unit, or user object from deleted items. Restore a recently deleted directory object from deleted items. The following types are supported:- administrativeUnit- application- certificateBasedAuthPki- certificateAuthorityDetail- group- servicePrincipal

Note

To view the beta release of this cmdlet, view Restore-MgBetaDirectoryDeletedItem

Set-MgOrganizationBrandingBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingBackgroundImage

Set-MgOrganizationBrandingBannerLogo

A banner version of your company logo that appears on the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingBannerLogo

Set-MgOrganizationBrandingCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingCustomCss

Set-MgOrganizationBrandingFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingFavicon

Set-MgOrganizationBrandingHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingHeaderLogo

Set-MgOrganizationBrandingLocalizationBackgroundImage

Image that appears as the background of the sign-in page. The allowed types are PNG or JPEG not smaller than 300 KB and not larger than 1920 × 1080 pixels. A smaller image reduces bandwidth requirements and make the page load faster.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationBackgroundImage

Set-MgOrganizationBrandingLocalizationBannerLogo

Update the properties of an organizationalBrandingLocalization object for a specific localization.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationBannerLogo

Set-MgOrganizationBrandingLocalizationCustomCss

CSS styling that appears on the sign-in page. The allowed format is .css format only and not larger than 25 KB.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationCustomCss

Set-MgOrganizationBrandingLocalizationFavicon

A custom icon (favicon) to replace a default Microsoft product favicon on a Microsoft Entra tenant.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationFavicon

Set-MgOrganizationBrandingLocalizationHeaderLogo

A company logo that appears in the header of the sign-in page. The allowed types are PNG or JPEG not larger than 36 × 245 pixels. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationHeaderLogo

Set-MgOrganizationBrandingLocalizationSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationSquareLogo

Set-MgOrganizationBrandingLocalizationSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingLocalizationSquareLogoDark

Set-MgOrganizationBrandingSquareLogo

A square version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingSquareLogo

Set-MgOrganizationBrandingSquareLogoDark

A square dark version of your company logo that appears in Windows 10 out-of-box experiences (OOBE) and when Windows Autopilot is enabled for deployment. Allowed types are PNG or JPEG not larger than 240 x 240 pixels and not more than 10 KB in size. We recommend using a transparent image with no padding around the logo.

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationBrandingSquareLogoDark

Set-MgOrganizationMobileDeviceManagementAuthority

Set mobile device management authority

Note

To view the beta release of this cmdlet, view Set-MgBetaOrganizationMobileDeviceManagementAuthority

Test-MgContactProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaContactProperty

Test-MgContractProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaContractProperty

Test-MgDeviceProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaDeviceProperty

Test-MgDirectoryDeletedItemProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaDirectoryDeletedItemProperty

Test-MgDirectoryRoleProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaDirectoryRoleProperty

Test-MgDirectoryRoleTemplateProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaDirectoryRoleTemplateProperty

Test-MgOrganizationProperty

Validate that a Microsoft 365 group's display name or mail nickname complies with naming policies. Clients can use this API to determine whether a display name or mail nickname is valid before trying to create a Microsoft 365 group. To validate the properties of an existing group, use the group: validateProperties function. The following policy validations are performed for the display name and mail nickname properties:1. Validate the prefix and suffix naming policy2. Validate the custom banned words policy3. Validate that the mail nickname is unique This API only returns the first validation failure that is encountered. If the properties fail multiple validations, only the first validation failure is returned. However, you can validate both the mail nickname and the display name and receive a collection of validation errors if you're only validating the prefix and suffix naming policy. To learn more about configuring naming policies, see Configure naming policy.

Note

To view the beta release of this cmdlet, view Test-MgBetaOrganizationProperty

Update-MgAdminPeopleItemInsight

Update privacy settings to display or return the specified type of insights in an organization. Currently, itemInsights is the only supported type of settings. To learn more about customizing insights privacy for your organization, see Customize item insights privacy in Microsoft Graph.

Note

To view the beta release of this cmdlet, view Update-MgBetaAdminPeopleItemInsight

Update-MgAdminPeopleProfileCardProperty

Update the properties of a profileCardProperty object, identified by its directoryPropertyName property.

Note

To view the beta release of this cmdlet, view Update-MgBetaAdminPeopleProfileCardProperty

Update-MgAdminPeoplePronoun

Update the properties of a pronounsSettings object in an organization. For more information on settings to manage pronouns support, see Manage pronouns settings for an organization using the Microsoft Graph API.

Note

To view the beta release of this cmdlet, view Update-MgBetaAdminPeoplePronoun

Update-MgContract

Update entity in contracts

Note

To view the beta release of this cmdlet, view Update-MgBetaContract

Update-MgDevice

Update the properties of a registered device. Only certain properties of a device can be updated through approved Mobile Device Managment (MDM) apps.

Note

To view the beta release of this cmdlet, view Update-MgBetaDevice

Update-MgDeviceByDeviceId

Update the properties of a registered device. Only certain properties of a device can be updated through approved Mobile Device Managment (MDM) apps.

Note

To view the beta release of this cmdlet, view Update-MgBetaDeviceByDeviceId

Update-MgDeviceExtension

Update the navigation property extensions in devices

Note

To view the beta release of this cmdlet, view Update-MgBetaDeviceExtension

Update-MgDirectory

Update directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectory

Update-MgDirectoryAdministrativeUnit

Update the properties of an administrativeUnit object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryAdministrativeUnit

Update-MgDirectoryAdministrativeUnitExtension

Update the navigation property extensions in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryAdministrativeUnitExtension

Update-MgDirectoryAdministrativeUnitScopedRoleMember

Update the navigation property scopedRoleMembers in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryAdministrativeUnitScopedRoleMember

Update-MgDirectoryAttributeSet

Update the properties of an attributeSet object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryAttributeSet

Update-MgDirectoryCustomSecurityAttributeDefinition

Update the properties of a customSecurityAttributeDefinition object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryCustomSecurityAttributeDefinition

Update-MgDirectoryCustomSecurityAttributeDefinitionAllowedValue

Update the properties of an allowedValue object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryCustomSecurityAttributeDefinitionAllowedValue

Update-MgDirectoryDeviceLocalCredential

Update the navigation property deviceLocalCredentials in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryDeviceLocalCredential

Update-MgDirectoryFederationConfiguration

Update the navigation property federationConfigurations in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryFederationConfiguration

Update-MgDirectoryOnPremiseSynchronization

Update the properties of an onPremisesDirectorySynchronization object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryOnPremiseSynchronization

Update-MgDirectoryPublicKeyInfrastructure

Update the navigation property publicKeyInfrastructure in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryPublicKeyInfrastructure

Update-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Update the properties of a certificateBasedAuthPki object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryPublicKeyInfrastructureCertificateBasedAuthConfiguration

Update-MgDirectoryPublicKeyInfrastructureCertificateBasedAuthConfigurationCertificateAuthority

Update certificateAuthorityDetail

Update-MgDirectoryRole

Update entity in directoryRoles

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryRole

Update-MgDirectoryRoleByRoleTemplateId

Update entity in directoryRoles by roleTemplateId

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryRoleByRoleTemplateId

Update-MgDirectoryRoleScopedMember

Update the navigation property scopedMembers in directoryRoles

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryRoleScopedMember

Update-MgDirectoryRoleTemplate

Update entity in directoryRoleTemplates

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectoryRoleTemplate

Update-MgDirectorySubscription

Update the navigation property subscriptions in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectorySubscription

Update-MgDirectorySubscriptionByCommerceSubscriptionId

Update the navigation property subscriptions in directory

Note

To view the beta release of this cmdlet, view Update-MgBetaDirectorySubscriptionByCommerceSubscriptionId

Update-MgDomain

Update the properties of domain object. Only verified domains can be updated.

Note

To view the beta release of this cmdlet, view Update-MgBetaDomain

Update-MgDomainFederationConfiguration

Update the properties of an internalDomainFederation object.

Note

To view the beta release of this cmdlet, view Update-MgBetaDomainFederationConfiguration

Update-MgDomainServiceConfigurationRecord

Update the navigation property serviceConfigurationRecords in domains

Note

To view the beta release of this cmdlet, view Update-MgBetaDomainServiceConfigurationRecord

Update-MgDomainVerificationDnsRecord

Update the navigation property verificationDnsRecords in domains

Note

To view the beta release of this cmdlet, view Update-MgBetaDomainVerificationDnsRecord

Update-MgOrganization

Update the properties of the currently authenticated organization. In this case, organization is defined as a collection of exactly one record, and so its ID must be specified in the request. The ID is also known as the tenantId of the organization.

Note

To view the beta release of this cmdlet, view Update-MgBetaOrganization

Update-MgOrganizationBranding

Update the properties of the default branding object specified by the organizationalBranding resource.

Note

To view the beta release of this cmdlet, view Update-MgBetaOrganizationBranding

Update-MgOrganizationBrandingLocalization

Update the properties of an organizationalBrandingLocalization object for a specific localization.

Note

To view the beta release of this cmdlet, view Update-MgBetaOrganizationBrandingLocalization

Update-MgOrganizationExtension

Update the navigation property extensions in organization

Note

To view the beta release of this cmdlet, view Update-MgBetaOrganizationExtension

Update-MgSubscribedSku

Update entity in subscribedSkus

Note

To view the beta release of this cmdlet, view Update-MgBetaSubscribedSku

Update-MgUserScopedRoleMemberOf

Update the navigation property scopedRoleMemberOf in users

Note

To view the beta release of this cmdlet, view Update-MgBetaUserScopedRoleMemberOf