Get-MgUserManagerByRef in PowerShell

The Get-MgUserManagerByRef cmdlet in Microsoft Graph PowerShell is used to retrieve the reference (object link) to a user’s manager. This cmdlet doesn’t return detailed manager information directly — instead, it provides the directory reference (an object ID) that can be used to fetch the manager’s details separately.

This makes it useful for scenarios where you need to trace or verify reporting hierarchies within your Microsoft 365 environment.

Cmdlet Syntax

Get-MgUserManagerByRef -UserId <String> [ <CommonParameters> ]

Parameters:

• -UserId → Specifies the user’s unique identifier (either the UserPrincipalName or Object ID).
• Common Parameters → Includes standard PowerShell parameters like -Verbose and -Debug.

Usage Examples

Let’s explore a few practical examples of how this cmdlet can be used.

Example 1: Get User Manager by UPN

Passing the user’s UserPrincipalName (UPN) to the -UserId parameter:

Get-MgUserManagerByRef -UserId dilly@w4l0s.onmicrosoft.com

Response:

You’ll receive a JSON-like output similar to this:

{
  "@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects/$entity",
  "@odata.id": "https://graph.microsoft.com/v2/fc9a387d-d725-42cc-97d0-da0929ca38ee/directoryObjects/4ca0af40-623c-4f4e-8166-c61a5499c883/Microsoft.DirectoryServices.User"
}
                            

In the response, the last User ID in the @odata.id URL —

4ca0af40-623c-4f4e-8166-c61a5499c883 — represents the manager’s user ID.

You can use this ID with the Get-MgUser cmdlet to fetch full manager details:

Get-MgUser -UserId 4ca0af40-623c-4f4e-8166-c61a5499c883

Example 2: Get User Manager by User ID

If you already have the user’s Object ID, you can pass it directly:

Get-MgUserManagerByRef -UserId 4ca0af40-623c-4f4e-8166-c61a5499c883

Response:

The response structure will be similar to the one above, again containing the manager’s object ID as the last part of the @odata.id field.

You can then run:

Get-MgUser -UserId <ManagerObjectID>
                            

to retrieve detailed information about that manager.

Note:

While Get-MgUserManagerByRef only returns a reference, the easier and more straightforward alternative is the Get-MgUserManager cmdlet.

Cmdlet Tips

• The cmdlet doesn’t return human-readable information — it provides a directory reference URL.
• To extract the manager’s details, always use the last GUID (user ID) in the @odata.id field.
• If you frequently need to retrieve manager details, consider using Get-MgUserManager instead — it simplifies the process.
• You can pipe results or automate extraction using string operations in PowerShell if you’re working with large user datasets.

Possible Errors and Solutions

Error	Cause	Solution
ResourceNotFound	The specified user does not have a manager assigned.	Assign a manager in Azure AD or check if the user’s manager field is empty.
Insufficient privileges to complete the operation	The account doesn’t have the right permissions.	Reconnect using Connect-MgGraph -Scopes "User.Read.All","Directory.Read.All".
Invalid user ID or UPN format	Typo or invalid parameter value in -UserId.	Verify the correct UPN or Object ID using Get-MgUser.
AccessDenied	The user context doesn’t have permission to view another user’s manager.	Ensure the signed-in user has directory read access in Microsoft Entra.

Conclusion

The Get-MgUserManagerByRef cmdlet is a valuable tool for retrieving a user’s manager reference in Microsoft 365 via Graph PowerShell. While it doesn’t directly display readable manager information, it provides the manager’s Object ID, which can then be passed to Get-MgUser to get detailed attributes.

For most administrators, the simpler approach is to use the Get-MgUserManager cmdlet.

Still, knowing how to use Get-MgUserManagerByRef can be helpful for automation scripts, data integrity checks, and Graph API troubleshooting where direct reference handling is required.