Managing users in Microsoft 365 is an essential task for administrators. Whether it’s assigning licenses, updating user details, or troubleshooting, user management forms the backbone of any organization’s productivity ecosystem.
While the Microsoft 365 Admin Center provides a graphical interface for managing users, relying solely on it for repetitive or bulk tasks can be tedious. This is where Microsoft Graph PowerShell comes in, offering a robust, scriptable way to automate and streamline user management tasks.
In this article, we’ll focus on the Get-MgUser cmdlet, a powerful command that allows admins to retrieve and filter user information in Microsoft 365.
Microsoft 365 users are accounts that allow individuals to access services like Exchange Online, SharePoint, Teams, and OneDrive. These users can be employees, contractors, or even service accounts used by applications.
Administrators typically manage these accounts using the Microsoft 365 Admin Center, where they can:
The Get-MgUser cmdlet is part of the Microsoft Graph PowerShell module. It allows administrators to:
Before using the Get-MgUser cmdlet, you need to set up the Graph PowerShell module.
1. Install the Module
Run this command in PowerShell to install the module:
Install-Module Microsoft.Graph -Scope CurrentUser
2. Connect to Microsoft Graph
Once installed, connect to your Microsoft 365 tenant:
Connect-MgGraph -Scopes "User.Read.All"
3. Disconnect After Use
When finished, disconnect to secure your session:
Disconnect-MgGraph
The Get-MgUser cmdlet retrieves user data from Microsoft 365. Whether you need information about all users, specific users, or filtered subsets, this cmdlet offers flexibility and precision.
Cmdlet Syntax
Get-MgUser [-UserId <String>] [-Filter <String>] [All]
Let’s break down its usage with practical examples.
Practical Examples of Get-MgUser
To fetch all users in your Microsoft 365 tenant, use:
Get-MgUser -All
This command retrieves a complete list of users, including their display names, email addresses, and UPNs.
To get detailed information about a specific user by their unique ID:
Get-MgUser -UserId "<UserId>"
This command retrieves a complete list of users, including their display names, email addresses, and UPNs.
Instead of a user ID, you can fetch user details using the user principal name (email):
Get-MgUser -UserId "john.doe@contoso.com"
This is especially helpful when you don’t have the user ID handy.
To retrieve all enabled users, use the -Filter parameter:
Get-MgUser -Filter "accountEnabled eq true" -All
This command fetches users with active accounts. You can modify the filter for different attributes, like department or job title.
You can combine Get-MgUser with other cmdlets to fetch personal user info like UserPrinicpalName, DisplayName etc. For example, retrieving group owners and fetching their personal info:
Note: By default, Get-MgGroupOwner fetches only the User IDs.# Retrieve the detailed information of group owners
$owners = Get-MgGroupOwner -GroupId 'd420874b-edf7-4648-b0a0-07c254c376aa'
foreach ($owner in $owners) {
Get-MgUser -UserId $owner.Id | Select-Object DisplayName, Mail, UserPrincipalName
}
The Get-MgUser cmdlet is an indispensable tool for Microsoft 365 administrators, offering powerful ways to automate user management. Whether retrieving all users, filtering based on attributes, or nesting it with other cmdlets for complex workflows, this cmdlet streamlines tasks and reduces manual effort.
By mastering Get-MgUser, you’ll not only save time but also unlock the full potential of Microsoft Graph PowerShell for managing users effectively. Ready to give it a try?
© Your Site Name. All Rights Reserved. Design by HTML Codex