Get-EntraDirectoryRole
Gets a directory role.
Syntax
Get-EntraDirectoryRole
[-Filter <String>]
[-Property <String[]>]
[<CommonParameters>] Get-EntraDirectoryRole
-DirectoryRoleId <String>
[-Property <String[]>]
[<CommonParameters>] Description
The Get-EntraDirectoryRole cmdlet gets a directory role from Microsoft Entra ID. Specify ObjectId parameter to get a directory role.
Examples
Example 1: Get a directory role by ID
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -DirectoryRoleId '019ea7a2-1613-47c9-81cb-20ba35b1ae48'
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.This command gets the specified directory role.
-ObjectIdparameter specifies the ID of a directory role in Microsoft Entra ID.
Example 2: Get all directory roles
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole
DeletedDateTime Id Description
--------------- -- -----------
aaaaaaaa-0000-1111-2222-bbbbbbbbbbbb Perform all migration functionality to migrate content to Microsoft 365 usin...
aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb Can manage all aspects of users and groups, including resetting passwords fo...
bbbbbbbb-7777-8888-9999-cccccccccccc Can read basic directory information. Commonly used to grant directory read ...
cccccccc-8888-9999-0000-dddddddddddd Can read and write basic directory information. For granting access to appli...This command gets all the directory roles.
Example 3: Get a directory role filter by ObjectId
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -Filter "ObjectId eq '019ea7a2-1613-47c9-81cb-20ba35b1ae48'"
ObjectId DisplayName Description
-------- ----------- -----------
019ea7a2-1613-47c9-81cb-20ba35b1ae48 Company Administrator Company Administrator role has full access to perform any operation in the company scope.This command gets the directory role by ObjectId.
-ObjectIdparameter specifies the ID of a directory role in Microsoft Entra ID.
Example 4: Get a directory role filter by displayName
Connect-Entra -Scopes 'RoleManagement.Read.Directory'
Get-EntraDirectoryRole -Filter "displayName eq 'Helpdesk Administrator'"
DeletedDateTime Id Description
--------------- -- -----------
56644e28-bf8b-4dad-8595-24448ffa3cb8 Perform all migration functionality to migrate content to Microsoft 365 usin...This command gets the directory role by display name.
Parameters
-DirectoryRoleId
Specifies the ID of a directory role in Microsoft Entra ID.
| Type: | System.String |
| Aliases: | ObjectId |
| Position: | Named |
| Default value: | None |
| Required: | True |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Filter
The OData v4.0 filter statement. Controls which objects are returned.
| Type: | System.String |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | True |
| Accept wildcard characters: | False |
-Property
Specifies properties to be returned
| Type: | System.String[] |
| Position: | Named |
| Default value: | None |
| Required: | False |
| Accept pipeline input: | False |
| Accept wildcard characters: | False |