Graph is a pain to work with if you are like me and just a scripter
Takes a list of employee IDs via the $employeeIDs variable
Queries Azure AD via Microsoft Graph in batches of 20
Retrieves userPrincipalName, employeeId, accountEnabled,
and LastPasswordChangeDateTime
Outputs results to console and CSV
Connect-MgGraph -Scopes "User.Read.All"
$employeeIds = @"
EMPID
0000001
"@ | ConvertFrom-Csv
$employeeIds = $employeeIds.empid
# Create batch request body
$batchRequests = @()
$batchSize = 20 # Microsoft Graph allows up to 20 requests per batch
$idCounter = 1
for ($i = 0; $i -lt $employeeIds.Count; $i++) {
$request = @{
"id" = "$idCounter"
"method" = "GET"
"url" = "/users?`$filter=employeeId eq '$($employeeIds[$i])'&`$select=userPrincipalName,employeeId,accountEnabled,LastPasswordChangeDateTime"
}
$batchRequests += $request
$idCounter++
}
# Split into batches of 20 which i believe is the limit
$batchedResults = @()
for ($i = 0; $i -lt $batchRequests.Count; $i += $batchSize) {
$batchEnd = [Math]::Min($i + $batchSize, $batchRequests.Count)
$currentBatch = $batchRequests[$i..($batchEnd-1)]
$batchBody = @{
"requests" = $currentBatch
} | ConvertTo-Json -Depth 10
# Send batch request
$response = Invoke-MgGraphRequest -Method POST -Uri "https://graph.microsoft.com/v1.0/`$batch" -Body $batchBody
# Process responses
foreach ($resp in $response.responses) {
if ($resp.status -eq 200 -and $resp.body.value) {
$batchedResults += $resp.body.value | Select-Object @{
Name = "UserPrincipalName"; Expression = {$_.userPrincipalName}
}, @{
Name = "EmployeeID"; Expression = {$_.employeeId}
}, @{
Name = "AccountEnabled"; Expression = {$_.accountEnabled}
}, @{
Name = "LastPasswordChangeDateTime"; Expression = {$_.LastPasswordChangeDateTime}
}
}
}
}
#Tesults
$batchedResults | Format-Table -AutoSize
$batchedResults | Export-Csv -Path "C:\AzureAD_Employee_Search.csv" -NoTypeInformation
No comments:
Post a Comment