1

I need to get in my terminal a table that lists all users together with certain attributes. I use powershell that was set up using commands Install-Module AzureAD and Connect-AzureAD -Tenant "<mydirectory>.onmicrosoft.com".

When I inquiry a single user, I get this:

О»  Get-AzureADUser -ObjectId dacbdd03-... | Select -ExpandProperty ExtensionProperty

Key                                                   Value
---                                                   -----
odata.metadata                                        https://graph.windows.net/ee26ec1a.../$metadata#directoryObjects/@Element
odata.type                                            Microsoft.DirectoryServices.User
createdDateTime                                       31.01.2023 19:57:55
employeeId
onPremisesDistinguishedName
userIdentities                                        []
extension_<largenumber>_customerId                    48f6eadf-...

I need now to output a table of all users, so I list its objectId, extension_<largenumber>_customerId and also an email field. Note that I have millions of users (result should be dumped in a file).

onkami
  • 8,791
  • 17
  • 90
  • 176

1 Answers1

1

You can review all properties to filter by using an example ObjectID (such as your own) by running the following:

Get-AzureADUser -ObjectId example@contoso.com | select *

After you know what filters you'd like, you'll use a few additional flags:

  • -all $true to run against all users
  • > results.csv to dump to a csv file
  • Format-Table -AutoSize to force table output, if you decide to include more than five properties of an AzureADUser

Try using something like this as your starting point.

Get-AzureADUser -all $true | select ObjectID, mail, extension_<largenumber>_customerId  | Format-Table -AutoSize > C:\output\results.csv

Name the output file and location as you'd like.

You should also consider narrowing down your search as you're running against a million users. Consider narrowing down your search definition. Perhaps you can search for only users in a particular email domain, company, or department?

I'm not sure of any negligible impact this script could have querying against a million user records. Perhaps someone with more experience could comment.

DontCopyThatFloppy
  • 63
  • 1
  • 1
  • 9
  • I also found very thorough answer about the formatting https://stackoverflow.com/questions/38554966/controlling-column-widths-with-format-table. – onkami Feb 09 '23 at 12:01
  • I have however an issue, that when I do `Get-AzureADUser -Top 1 | select ObjectID, SignInNames, ExtensionProperty | Out-String -Stream -Width 10000` I still get truncated output as the two latter are complex fields. I would need to avoid truncation or to print their sub-fields of interest. Could you suggest how to do so? I get now: `000008f7-... {class SignInName {... {[odata.type, Microsoft.DirectoryServices.User], [createdDateTime, 17.08.2021 7:21:03], [employeeId, ], [onPremisesDistinguishedName, ]...}` – onkami Feb 09 '23 at 12:03