Get-EntraDirectoryRoleMember
Gets members of a directory role.
Syntax
Get-EntraDirectoryRoleMember
-DirectoryRoleId <String>
[-Property <String[]>]
[<CommonParameters>] Description
The Get-EntraDirectoryRoleMember cmdlet retrieves the members of a directory role in Microsoft Entra ID. To obtain the members of a specific directory role, specify the DirectoryRoleId. Use the Get-EntraDirectoryRole cmdlet to get the DirectoryRoleId value.
In delegated scenarios with work or school accounts, the signed-in user must have a supported Microsoft Entra role or a custom role with the necessary permissions. The following least privileged roles are supported for this operation:
- User Administrator
- Helpdesk Administrator
- Service Support Administrator
- Billing Administrator
- Directory Readers
- Directory Writers
- Application Administrator
- Security Reader
- Security Administrator
- Privileged Role Administrator
- Cloud Application Administrator
Examples
Example 1: Get members by role ID
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
$directoryRole = Get-EntraDirectoryRole -Filter "displayName eq 'Helpdesk Administrator'"
Get-EntraDirectoryRoleMember -DirectoryRoleId $directoryRole.Id | Select Id, DisplayName, '@odata.type', CreatedDateTime
id displayName @odata.type createdDateTime
-- ----------- ----------- ---------------
bbbbbbbb-7777-8888-9999-cccccccccccc Debra Berger #microsoft.graph.user 10/7/2024 12:31:57 AM
cccccccc-2222-3333-4444-dddddddddddd Contoso Group #microsoft.graph.group 11/12/2024 9:59:43 AMThis example retrieves the members of the specified role.
-DirectoryRoleIdparameter specifies directory role ID.
Parameters
-DirectoryRoleId
Specifies the ID of a directory role in Microsoft Entra ID.
| Type: | System.String |
| Aliases: | ObjectId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Property
Specifies properties to be returned.
| Type: | System.String[] |
| Aliases: | Select |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |