Getting Global Administrators using the Graph

A common task that needs to be performed is to return all the Global administrators in a tenant via PowerShell. With the focus on using the Microsoft Graph to do things like this you can use the following:

import-module Microsoft.Graph.Identity.DirectoryManagement


Connect-MgGraph -Scopes “RoleManagement.Read.Directory”,”User.Read.All”

$globalAdmins = Get-MgDirectoryRole | Where-Object { $_.displayName -eq “Global Administrator” }
$globalAdminUsers = Get-MgDirectoryRoleMember -DirectoryRoleId $globalAdmins.id

$globaladminsummary = @()
foreach ($adminuser in $globalAdminUsers) {
     $user = Get-MgUser -userId $adminuser.Id
     $globaladminSummary += [pscustomobject]@{      
         Id                = $adminuser.Id
         UserPrincipalName = $user.UserPrincipalName
         DisplayName       = $user.DisplayName
     }
}


$globaladminsummary

which I have also uploaded to my Github repo here:

https://github.com/directorcia/Office365/blob/master/graph-globaladmins-get.ps1

You may also need to consent to some permissions like:

image

If your user doesn’t have these. Permissions required are:

RoleManagement.Read.Directory
User.Read.All

The list of tenant global admins will be held in the variable $globaladminsummary at the completion of this script.

July Microsoft 365 Webinar resources

image

The slides from this month’s webinar are available at:

https://github.com/directorcia/general/blob/master/Presentations/Need%20to%20Know%20Webinars/202407.pdf

If you are not a CIAOPS patron you want to view or download a full copy of the video from the session you can do so here:

http://www.ciaopsacademy.com.au/p/need-to-know-webinars

Watch out for next month’s webinar

Key Topics:
  • Microsoft 365 update: Robert shared some new features and updates for Microsoft 365, such as copilot in planner, inbound SMTP Dane and DNS Secure, and guest sharing in loop. 1:51

  • Defender for business overview: Robert explained the benefits and features of defender for business, a security product that is included with business premium and available as a standalone SKU. It provides enterprise-grade protection and integration with other Microsoft products for SMBs. 5:03

  • Defender for business configuration: Robert demonstrated how to configure defender for business settings, onboarding, alerts, investigations, and integrations. He advised not to use the wizard and to enable all the advanced features. He also showed how to use the assets, incidents and alerts, and vulnerability management sections. 19:34

  • Defender for business resources and Q&A: Robert provided some links and resources for further learning and support. He also invited the attendees to ask any questions or provide feedback. 49:11

Need to Know podcast–Episode 323

The Crowdstrike issue has been the dominant news item recently and I have some information as well as my own thoughts on this which I share. As always the news and updates from Microsoft continue and I share with you what I feel is most relevant including a number of handy videos on various Copilots, so listen along and enjoy. As always love to hear your thoughts and feedback.

You can listen directly to this episode at:

https://ciaops.podbean.com/e/episode-323-aftermath/

Subscribe via iTunes at:

https://itunes.apple.com/au/podcast/ciaops-need-to-know-podcasts/id406891445?mt=2

Don’t forget to give the show a rating as well as send me any feedback or suggestions you may have for the show.

Brought to you by www.ciaopspatron.com

Resources

@directorcia

Join my shared channel

CIAOPS merch store

Become a CIAOPS Patron

CIAOPS Blog

CIAOPS Brief

CIAOPSLabs

Support CIAOPS

Helping our customers through the CrowdStrike outage

Microsoft Bookings | Your Appointment Scheduling Solution

Announcing Public Preview of Inbound SMTP DANE with DNSSEC for Exchange Online

Guest sharing now available in Microsoft Loop

Make OT security a core part of your SOC strategy with Microsoft Defender XDR

Perfect your prompt with Copilot for Microsoft 365

Build a great prompt with Copilot for Microsoft 365

New Outlook for Windows | How to use Coaching by Copilot

Copilot Learning Hub: Your Gateway to Mastering Microsoft Copilot

Turn PDFs into editable documents in Word for iOS

Simplified Zero Trust security with the Microsoft Entra Suite and unified security operations platform, now generally available

How to secure access for your workforce with Microsoft Entra Suite

Microsoft Entra Internet Access Overview

Microsoft Security Service Edge now generally available

Introducing dynamic watermarking for Word, Excel, and PowerPoint

SharePoint roadmap pitstop: June 2024

What’s New in Microsoft Teams | June 2024

Dealing with Unsatisfactory Responses

Promptbooks

File menu improvements in Word, Excel, and PowerPoint for the web

CIAOPS Brief 20240721

image

Helping our customers through the CrowdStrike outage –

https://blogs.microsoft.com/blog/2024/07/20/helping-our-customers-through-the-crowdstrike-outage/

Perfect your prompt with Copilot for Microsoft 365 –

https://www.youtube.com/watch?v=p44TCPObGic

Microsoft Bookings | Your Appointment Scheduling Solution –

https://www.youtube.com/watch?v=-tBAeWXutoM

Announcing Public Preview of Inbound SMTP DANE with DNSSEC for Exchange Online –

https://techcommunity.microsoft.com/t5/exchange-team-blog/announcing-public-preview-of-inbound-smtp-dane-with-dnssec-for/ba-p/4155257

Guest sharing now available in Microsoft Loop –

https://insider.microsoft365.com/en-us/blog/guest-sharing-now-available-in-microsoft-loop

Make OT security a core part of your SOC strategy with Microsoft Defender XDR –

https://techcommunity.microsoft.com/t5/microsoft-defender-xdr-blog/make-ot-security-a-core-part-of-your-soc-strategy-with-microsoft/ba-p/4185702

Introducing Coauthoring for SharePoint Pages and News –

https://techcommunity.microsoft.com/t5/microsoft-sharepoint-blog/introducing-coauthoring-for-sharepoint-pages-and-news/ba-p/4192161

Create personalized invitations with Microsoft Designer –

https://insider.microsoft365.com/en-us/blog/create-personalized-invitations-with-microsoft-designer

Build a great prompt with Copilot for Microsoft 365 –

https://www.youtube.com/watch?v=1VC4opm7GkU

Turn PDFs into editable documents in Word for iOS –

https://insider.microsoft365.com/en-us/blog/turn-pdfs-into-editable-documents-in-word-for-ios

After hours

My Puzzle Robot is 200x Faster Than a Human – https://www.youtube.com/watch?v=Sqr-PdVYhY4

Editorial

If you found this valuable, the I’d appreciate a ‘like’ or perhaps a donation at https://ko-fi.com/ciaops. This helps me know that people enjoy what I have created and provides resources to allow me to create more content. If you have any feedback or suggestions around this, I’m all ears. You can also find me via email director@ciaops.com and on X (Twitter) at https://www.twitter.com/directorcia.

If you want to be part of a dedicated Microsoft Cloud community with information and interactions daily, then consider becoming a CIAOPS Patron – www.ciaopspatron.com.

Watch out for the next CIA Brief next week

Staged Defender updates with Intune

The direct URL is:https://www.youtube.com/watch?v=K6zMtbbHCjM

In this video I cover how to create an Endpoint Security Antivirus policy that controls updates for Defender Engine, Platform and Security Intelligence components. This is not the only way to create a staged roll out of Defender updates and I would recommend the following document from Microsoft for more information:

Manage the gradual rollout process for Microsoft Defender updates – Microsoft Defender for Endpoint | Microsoft Learn

Reading from the CIAOPS Best Practices repo

I’ve recently upload a new JSON configuration file to my Best Practices repo on Github that you can deploy to Intune using PowerShell. You can find it here:

https://github.com/directorcia/bp/blob/main/Intune/Policies/ConfigurationProfiles/SettingsCatalog/odfb.json

The first thing to realise if you want to read this directly in from the repo is that you’ll need to use the raw version of that file which you can find here:

https://raw.githubusercontent.com/directorcia/bp/main/Intune/Policies/ConfigurationProfiles/SettingsCatalog/odfb.json

You will then need to use the command:

$query = invoke-webrequest -method GET -ContentType “application/json” -uri $url -UseBasicParsing

which will store the result in a variable called $query. Of course, you will need to assign the raw URL to the variable $url also.

Once executed if you look at $query.content you should then find a copy of JSON file you can then use to create a policy with PowerShell in Intune.

You can read all of the JSON files in my Best Practices repo in this way and use them to easily deploy to your environment.

ODFB summary script

I’ve have just uploaded a new script to my public Office 365 repo. Here is the direct link:

https://github.com/directorcia/Office365/blob/master/graph-odfb-get.ps1

The script will use the Microsoft Graph to create a summary report of users ODFB, which can also be output to a CSV file.

image

You will need to have the Graph PowerShell module installed. When you run the script you will typically need to consent to the above permissions. These can be found in the Users area of the Graph documentation.

image

The first thing the script will do is connect to the Microsoft Graph and you will generally be prompted to login with a user who has suitable permissions. Once that is complete a list of users will be displayed as shown above.

image

The script will then look at each user found and determine whether they have a ODFB assigned and enabled as shown above. Not all users in your tenant may have a ODFB.

image

For users that do have a ODFB the stats on these will display including total size, used and deleted as shown above.

image

If you use the –csv switch on the command line when you run the script a summary CSV file will also be generated in the parent directory.

Hopefully this helps get a quick summary of all your users ODFB usage.


New CIAOPS Copilot for M365 course

mountains

I just completed a new “Getting Started with Copilot for Microsoft 365” online course that you can find here:

https://www.ciaopsacademy.com/p/getting-started-with-copilot-for-micrsoft-365

The course is designed for the end user who wants to better understand how Copilot for Microsoft 365 can help improve their productivity across the suite of applications that Microsoft 365 provides access to, including Word, Excel, Outlook, Teams and more. This course is not aimed at administrators but those using Microsoft 365 in their business.

This new course is also available to CIAOPS Patrons as part of their benefits, so they too can get up to speed with Copilot in Microsoft 365.

Look out for more courses coming soon from CIAOPS.