Report Entra Named Location, include IP addresses
- Feb 11
- 1 min read
Stuck trying to generate a report of Named Locations which will include start and end IP addresses? MS Graph can help, but there is a caveat since Named Locations and their IP addresses are in two separate places. Below is your solution, however, make sure you get and load these functions beforehand - Get-IPV4NetworkStartIP and Get-IPV4NetworkEndIP - else output will be partial.
$all_named_locations = (Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations" -Method GET).value
$Named_locations_IP_ranges_report = @()
foreach ($named_location in $all_named_locations)
{
Write-host "Working on $($named_location['displayName']) ..." -ForegroundColor Green
$IP_ranges = (Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/v1.0/identity/conditionalAccess/namedLocations/$($named_location['id'])" -Method GET)['ipRanges']
foreach ($IP_range in $IP_ranges)
{
$Named_locations_IP_ranges_report += $named_location | Select @{N="displayName"; E={$named_location['displayName']}}, ` @{N="isTrusted"; E={$named_location['isTrusted']}}, ` @{N="cidrAddress"; E={$IP_range['cidrAddress']}}, ` @{N="StartIP"; E={if ($IP_range['cidrAddress'].Split('/')[1] -eq "32") {$IP_range['cidrAddress'].Split('/')[0]} else {(Get-IPV4NetworkStartIP $($IP_range['cidrAddress'])).IPAddressToString}}}, ` @{N="EndIP"; E={if ($IP_range['cidrAddress'].Split('/')[1] -eq "32") {$IP_range['cidrAddress'].Split('/')[0]} else {(Get-IPV4NetworkEndIP $($IP_range['cidrAddress'])).IPAddressToString}}}
} # end foreach IP range
} # end foreach named location
