The Blog

For those who has to deal with Entra ID application consents and needs to report all app consent request - here is script you can use. Simply run it with appropriate Graph API permissions and Entra roles assigned. Report will be saved as $consentrequests variable, simply export to csv after running the script. $AppConsentRequests = Get-MgIdentityGovernanceAppConsentRequest -All $consentrequests = @() foreach ($AppConsentRequest in $AppConsentRequests) { $UserConsentRequest =

Entra-native accounts are often overlooked as many Identity Governance tools are focused on Active Directory accounts. Entra makes it easy to filter out Entra-native accounts in Entra Admin portal UI, but it's impossible to tell if account is a resource account or not. You can use below report to query all Entra-native accounts and see if account is associated with any EXO resource (like Shared Mailbox, Room Mailbox, or Scheduling Mailbox). Report will be saved as $cloud_user

Ever had a need to generate report of files shared in SharePoint Online and / or OneDrive for Business? Purview makes it easy , but report might take a while to run and downloadable report will need to be parsed in Excel, which might get time consuming with bunch of unnecessary clicks. Use below PowerShell script to easily query all sharing operations with nicely formatted output. Report is saved as @SPO_Sharing variable, just export to csv. Hope you'll find it useful! Cheers

When you're responsible for managing IT at a small or medium-sized business, you’re constantly balancing two critical goals: keeping your...

So, you've set up Microsoft 365 for your small business—great! You’ve connected your domain, added users, and everyone has their email up...

Unfortunately, Active Directory PowerShell Module doesn't include any cmdlets to report Active Directory ACLs. However, the good ole Get-ACL comes in handy and can be used to report AD permissions for any object. All you have to do is use AD: drive as follows: (Get-Acl -Path "AD:OU=ProdOU,DC=Contoso,DC=com").Access There is a catch though - the output doesn't look exactly like we used to seeing in UI. For example: ActiveDirectoryRights : ExtendedRights InheritanceType :

Entra ID To review admin consent requests in Entra ID, you have to drill down each request by following steps outlined in this article :...

Managed Identity Entra currently doesn't allow to add any permissions to Managed Identity via Entra Portal like you would normally do for app registration or service principal. However, you may have a need to assign permissions to Managed Identities, for example to one used in Azure Automation to automate various Entra tasks. As always, PowerShell to the rescue. Please use below code to get the job done, populate $TenantID, $GraphAppId, $DisplayNameOfMSI and $PermissionName $