M365 PowerShell

Using Get-MgUserManager in Graph PowerShell

The Get-MgUserManager cmdlet in Microsoft Graph PowerShell is an essential tool for retrieving the manager information of a specified user. This cmdlet is particularly useful for IT administrators and support teams who need to manage organizational hierarchies and streamline user management processes. In this article, we'll dive deep into the syntax, usage examples, cmdlet tips, common use cases, and troubleshooting tips for the Get-MgUserManager cmdlet.

Prerequisites

Microsoft Graph PowerShell Module: Ensure you have the Microsoft Graph PowerShell module installed. You can install it using the following command:
```
Install-Module Microsoft.Graph -Scope CurrentUser
```
Permissions: You need the appropriate permissions to execute the Get-MgUserManager cmdlet. The required Graph API permission is: User.Read.All

Syntax

The basic syntax for the Get-MgUserManager cmdlet is as follows:

Get-MgUserManager -UserId <String> [<CommonParameters>]

Parameters:

-UserId <String>: The unique identifier (user principal name or object ID) of the user whose manager information you want to retrieve.

Usage Examples

Example 1: Retrieve the Manager Information for a Specific User

To get detailed information about the manager, you need to first retrieve the manager's ID and then use the Get-MgUser cmdlet to get more details:

$managerId = (Get-MgUserManager -UserId "user@domain.com").Id
$manager = Get-MgUser -UserId $managerId
$manager | Select-Object Id, DisplayName, UserPrincipalName, Mail

This command retrieves the manager's ID for the user with the email user@domain.com and then retrieves detailed information about the manager, displaying the manager's ID, Display Name, User Principal Name, and Mail.

Example 2: Retrieve Manager Information for Multiple Users

To retrieve the manager information for multiple users, you can use a loop or pipeline.

$users = Get-MgUser -Filter "Department eq 'Sales'" -All
foreach ($user in $users) {
    $managerId = (Get-MgUserManager -UserId $user.Id).Id
    $manager = Get-MgUser -UserId $managerId
    [PSCustomObject]@{
        UserId = $user.UserPrincipalName
        ManagerId = $manager.Id
        ManagerDisplayName = $manager.DisplayName
        ManagerUPN = $manager.UserPrincipalName
        ManagerMail = $manager.Mail
    }
}

This script gets all users in the Sales department and retrieves their respective managers' information.

Sample Output

PowerShell script output demonstrating how to retrieve a user managers of all users of a specific department using the Get-MgUserManager cmdlet in Microsoft Graph PowerShell.

Example 3: Output Manager Information to a CSV File

$users = Get-MgUser -Filter "Department eq 'HR'" -All
$managers = foreach ($user in $users) {
    $managerId = (Get-MgUserManager -UserId $user.Id).Id
    $manager = Get-MgUser -UserId $managerId
    [PSCustomObject]@{
        UserId = $user.UserPrincipalName
        ManagerId = $manager.Id
        ManagerDisplayName = $manager.DisplayName
        ManagerUPN = $manager.UserPrincipalName
        ManagerMail = $manager.Mail
    }
}
$managers | Export-Csv -Path "C:\ManagersInfo.csv" -NoTypeInformation

This script exports the manager information for all users in the HR department to a CSV file.

Cmdlet Tips

Use UPN for Simplicity: The -UserId parameter accepts both the user's GUID and UPN (user@domain.com). Using UPN makes your scripts more readable and user-friendly.
Ideal for Org Chart Scripts: This cmdlet is especially useful when building org charts, automating manager approval flows, or simply checking reporting structures.
No ExpandProperty Needed: Unlike other cmdlets, you don’t need -ExpandProperty to get the manager details—it returns the manager object directly.
Pair with Get-MgUserDirectReport: Combine with Get-MgUserDirectReport for a complete view of a user's reporting hierarchy—who reports to whom and vice versa.
Script-Friendly Output: Pipe the result to Select-Object or Format-List to extract fields like DisplayName, UserPrincipalName, Id, etc.
```
Get-MgUserManager -UserId "jane.doe@domain.com" | Select DisplayName, UserPrincipalName
```
Handle Null Managers Gracefully: Not all users have managers assigned. Use try/catch blocks or check for $null to avoid runtime errors in bulk queries.
Bulk Queries with Loops: When checking managers for multiple users, use a foreach loop along with Get-MgUser and this cmdlet to generate a manager-reporting map.
Great for Delegation Checks: Need to ensure users are reporting to the correct person? Use this cmdlet to audit and compare against HR records.
Permission Reminder: You’ll need User.Read.All or Directory.Read.All delegated or application permissions to retrieve manager info. Ensure your Graph app or session is appropriately consented.
Helpful in Onboarding/Offboarding Automations: Use manager data to route access requests, notify managers during user onboarding or offboarding, or automate welcome messages from the manager.

Common Use Cases

Identify reporting structure: Quickly find a user's manager for organizational visibility.
Automate approval workflows: Auto-route requests to the appropriate manager in apps like Power Automate.
Security and access reviews: Verify reporting lines during audits or access reviews.
User onboarding/offboarding: Ensure proper escalation paths are assigned or removed.

Frequently Asked Questions

What is the purpose of the Get-MgUserManager cmdlet in Graph PowerShell?
The Get-MgUserManager cmdlet is used to retrieve the manager of a specific Microsoft 365 user. It helps administrators quickly identify reporting relationships within an organization.
How do I find a user's manager using Graph PowerShell?
You can use the following command to get the manager of a specific user by their User Principal Name (UPN):
```
Get-MgUserManager -UserId user@domain.com
```
Can I retrieve the manager of multiple users at once?
No, Get-MgUserManager works for a single user at a time. However, you can loop through a list of users using PowerShell scripting to fetch managers in bulk.
Why am I getting an error saying 'User not found'?
This error usually occurs if the user does not exist in your tenant or if there is a typo in the provided UserId. Ensure the correct UPN or Object ID is used.
What permissions are required to run Get-MgUserManager?
You need the User.Read.All or Directory.Read.All permission to retrieve a user's manager. If you encounter permission errors, ensure you have the necessary Graph API access.

Can I export the manager details to a CSV file?
Yes! You can run the following command to export user managers to a CSV file:

Get-MgUserManager -UserId user@domain.com | Select-Object DisplayName, Id | Export-Csv -Path "Managers.csv" -NoTypeInformation

How can I check if a user has no manager assigned?
If a user does not have a manager assigned, running Get-MgUserManager will return an empty result. You can also check this programmatically:
```
$manager = Get-MgUserManager -UserId user@domain.com  
if (!$manager) { Write-Output "No manager assigned." }
```
Can I use Get-MgUserManager to find managers of guest users?
No, guest users typically do not have managers assigned within Microsoft Entra ID (formerly Azure AD). This cmdlet only works for regular organizational users.
Can I assign or update a user’s manager using Graph PowerShell?
Yes! You can use the Set-MgUserManagerByRef cmdlet to assign or update a manager for a user:
```
Set-MgUserManager -UserId user@domain.com -ManagerId manager-id
```

Possible Errors & Solutions

Error: User Not Found

If the specified user ID is incorrect or the user does not exist, you might encounter an error. Ensure the user ID is accurate and the user exists in the directory.

try {
    Get-MgUserManager -UserId "nonexistentuser@domain.com"
} catch {
    Write-Host "Error: User not found. Please check the User ID and try again."
}

Error: Insufficient Permissions

Ensure you have the necessary permissions to retrieve user manager information. You might need to have appropriate roles assigned, such as Global Administrator or User Administrator.

try {
    Get-MgUserManager -UserId "user@domain.com"
} catch {
    Write-Host "Error: Insufficient permissions. Ensure you have the necessary roles assigned."
}

Error: API Limits Exceeded

If you're retrieving manager information for a large number of users, you might hit API limits. Implement throttling or batch processing to handle large datasets.

$users = Get-MgUser -All
foreach ($user in $users) {
    try {
        Start-Sleep -Seconds 1
        $managerId = (Get-MgUserManager -UserId $user.Id).Id
        $manager = Get-MgUser -UserId $managerId
        Write-Output $manager
    } catch {
        Write-Host "API limit exceeded. Retrying..."
        Start-Sleep -Seconds 60
        $managerId = (Get-MgUserManager -UserId $user.Id).Id
        $manager = Get-MgUser -UserId $managerId
        Write-Output $manager
    }
}

Get User Manager Using Admin Center

To get user's manager using Microsoft 365 admin center, do the following:

Login to Microsoft 365 Admin Center
Click Users >> Active Users >> Select User >> Manager section

Microsoft 365 Admin Center interface displaying the manager details of a selected user in the Active Users section.

Why the Manager Attribute Matters in Microsoft 365

The “manager” attribute in Azure AD is more than just metadata — it’s essential for automation and accountability:

Power Automate & Approvals: Auto-routes leave, expense, and access requests to the appropriate manager.
Access Reviews in Entra ID: Ensures users have the right access and up-to-date reporting lines.
MyAccess & PIM: Used as a checkpoint for privilege elevation and secure access workflows.
People Cards & Delve: Reflects accurate org charts and reporting structures across Microsoft 365 apps.

Keeping the manager field updated supports better workflow automation, compliance, and overall user experience across your M365 environment.

Conclusion

The Get-MgUserManager cmdlet is a powerful tool for managing and retrieving managerial information within Microsoft 365. By understanding its syntax, usage examples, and potential pitfalls, you can effectively incorporate this cmdlet into your daily administrative tasks. Whether you're creating organizational charts, generating managerial reports, or automating user management processes, this cmdlet can significantly streamline your workflow.

By following the tips and handling possible errors, you'll be well-equipped to use the Get-MgUserManager cmdlet to its fullest potential, ensuring efficient and accurate management of user-manager relationships in your organization.

💡 Did You Know?
The Get-MgUserManager cmdlet retrieves the manager based on Azure AD’s “manager” attribute. Keeping this updated improves the accuracy of workflows, access reviews, and reporting structures across Microsoft 365 services.

Using Get-MgDirectoryRole in Graph PowerShell
Using Get-MgUserLicenseDetail in Graph PowerShell
Using Find-GraphMgCommand in Graph PowerShell
Connect to Microsoft 365 Using PowerShell
How to Create Bulk Users in Office 365 Using Graph PowerShell?
Create Microsoft 365 Group Using Microsoft Graph PowerShell
Block Microsoft 365 User Using Microsoft Graph PowerShell
Assign Microsoft 365 License Using Graph PowerShell
Microsoft 365 User Management Using Graph PowerShell
Checking Group Membership in Microsoft 365
Bulk Assign Microsoft 365 License
Find Inactive Users in Microsoft 365
Using Powershell Graph Search Query
Using Powershell Graph Filter Query
Using Where-Object In Graph PowerShell
Using Expand Property In Graph PowerShell
Using Select Object In Graph PowerShell
Using -Contains Operator In Graph PowerShell
Add User to Multiple Microsoft 365 Groups Using Graph PowerShell
Get Microsoft 365 User Location Using Graph PowerShell
Import Microsoft 365 Groups from CSV File Using Graph PowerShell
Microsoft 365 Group User Import Using Graph PowerShell