Managing users in a Microsoft 365 environment often involves identifying team leaders or managers and the direct reports they oversee. As an administrator, you may need a way to list all managers within your tenant along with their details and the number of direct reports. In this article, we will present a Microsoft Graph PowerShell script to help you retrieve a list of managers, their User Principal Names (UPN), and the number of direct reports they have.
This script will make use of the Get-MgUser cmdlet with the -ExpandProperty
parameter to fetch the necessary details in a tabular format. Let’s dive into the script, explain how it works, and explore potential enhancements.
# Connect to Microsoft Graph (if not already connected)
Connect-MgGraph -Scopes "User.Read.All"
# Query all users to check who has direct reports by expanding the 'directReports' property
$users = Get-MgUser -All -Property displayName userPrincipalName -ExpandProperty directReports
# Create an array to store the results
$results = @()
# Loop through each user to check if they have direct reports
foreach ($user in $users) {
# Check if the user has any direct reports
if ($user.directReports.Count -gt 0) {
# Add the manager details to the results array
$results += [pscustomobject]@{
"Manager Name" = $user.displayName
"User Principal Name" = $user.userPrincipalName
"No. of Direct Reports" = $user.directReports.Count
}
}
}
# Output the results in a table format
$results | Format-Table -AutoSize
Connect-MgGraph
cmdlet allows you to connect with the necessary permissions to retrieve user details. In this case, we use the "User.Read.All" scope to read all users in the tenant.Get-MgUser
cmdlet is used to retrieve all users in the tenant. To access the directReports
property (which contains details about each user's direct reports), we need to use the -ExpandProperty directReports
parameter. Without expanding this property, you wouldn’t be able to access the direct reports in the result set.$results
is created to store the information for each manager. For each user who has direct reports (i.e., the directReports
count is greater than zero), we store their details, including their display name, UPN, and the number of direct reports.Format-Table
cmdlet. This ensures that the data is easy to read and interpret.Export-Csv
cmdlet:$results | Export-Csv -Path "ManagersWithDirectReports.csv" -NoTypeInformation
$users = Get-MgUser -All -Property displayName userPrincipalName department -ExpandProperty directReports | Where-Object { $_.department -eq "Sales" }
This would list only the managers in the "Sales" department.
Cause: This happens if you don’t have the necessary permissions (scopes) when connecting to Microsoft Graph.
Solution: Make sure you use the correct permissions when connecting to Microsoft Graph. For this script, the "User.Read.All" permission is required. Also, ensure your account has the necessary admin privileges to access user data.
Cause: This occurs if the directReports
property is not expanded properly.
Solution: Ensure that you are using the -ExpandProperty directReports
parameter in the Get-MgUser
cmdlet. Without this, the directReports
property won’t be accessible in the result set.
Cause: This could occur if no users have direct reports or if the query didn’t return any data.
Solution: Check if the tenant has users with direct reports. You might also want to verify your connection to Microsoft Graph and ensure there are users with direct reports in your tenant.
This PowerShell script provides a simple yet powerful way to list all managers in your Microsoft 365 tenant and display their details in a tabular format. By leveraging Microsoft Graph, you can easily extend this script to add more functionality such as filtering by department, exporting the results, or sending automated emails. This script is a great tool for administrators who want to streamline reporting and management tasks related to user roles and hierarchies.
© m365corner.com. All Rights Reserved. Design by HTML Codex