This is a small little script I wrote for going through all administrator roles in your O365 tenant and listing out the members of each. This can be handy if you feel like you’re losing control over who has what permission in the tenant or someone says the classic “I want what he has”.
$DateStamp = Get-Date -Format "yyyy-MM-dd-HH-mm"
$LogFile = ("C:\temp\get_all_msolrolemembers-" + $DateStamp + ".csv")
# Defining the log function
Function LogWrite
{
Param ([string]$logstring)
Add-content $Logfile -value $logstring
}
LogWrite ("msolrole;email;displayname;islicensed")
$msolroles = get-msolrole
foreach($role in $msolroles)
{
$rolemembers = get-msolrolemember -roleobjectid $role.objectid
foreach($rolemember in $rolemembers)
{
LogWrite ($role.name + ";" + $rolemember.emailaddress + ";" + $rolemember.DisplayName + ";" + $rolemember.islicensed +";")
}
}
stoff
You must be logged in to post a comment.