A common task that needs to be performed is to return all the Global administrators in a tenant via PowerShell. With the focus on using the Microsoft Graph to do things like this you can use the following:
import-module Microsoft.Graph.Identity.DirectoryManagement
Connect-MgGraph -Scopes “RoleManagement.Read.Directory”,”User.Read.All”
$globalAdmins = Get-MgDirectoryRole | Where-Object { $_.displayName -eq “Global Administrator” }
$globalAdminUsers = Get-MgDirectoryRoleMember -DirectoryRoleId $globalAdmins.id
$globaladminsummary = @()
foreach ($adminuser in $globalAdminUsers) {
$user = Get-MgUser -userId $adminuser.Id
$globaladminSummary += [pscustomobject]@{
Id = $adminuser.Id
UserPrincipalName = $user.UserPrincipalName
DisplayName = $user.DisplayName
}
}
$globaladminsummary
which I have also uploaded to my Github repo here:
https://github.com/directorcia/Office365/blob/master/graph-globaladmins-get.ps1
You may also need to consent to some permissions like:
If your user doesn’t have these. Permissions required are:
RoleManagement.Read.Directory
User.Read.All
The list of tenant global admins will be held in the variable $globaladminsummary at the completion of this script.
CIAOPS 