Closed
Description
Describe the bug
Using any of the below Cmdlets:
The documentation for these cmdlets suggests it's as simple as using syntax such as:
Get-MgDirectoryObject -DirectoryObjectId {guid}However, this simply returns e.g.:
Id DeletedDateTime
-- ---------------
{guid}
Attempting to select e.g. displayName property only just returns:
Get-MgDirectoryObject -DirectoryObjectId {guid} -Property DisplayName
Id DeletedDateTime
-- ---------------
And if you try to use -ExpandProperty:
Get-MgBetaDirectoryObject -DirectoryObjectId {guid} -ExpandProperty DisplayName
Get-MgBetaDirectoryObject_Get: Parsing OData Select and Expand failed: Could not find a property named 'DisplayName' on type 'microsoft.graph.directoryObject'.
Status: 400 (BadRequest)
ErrorCode: BadRequest
Date: 2024-01-31T08:31:33
Headers:
Transfer-Encoding : chunked
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : bb96bf54-3b28-4176-b261-1ac392aca04b
client-request-id : ba867e4a-94b4-4669-b88f-45227fa7524b
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"3","ScaleUnit":"005","RoleInstance":"LO2PEPF000029B0"}}
Date : Wed, 31 Jan 2024 08:31:32 GMT
Cache-Control : proxy-revalidate
X-SYMC-Transaction-UUID : 97f74b51c0cb3d2a-000000000c2d269e-0000000065ba0565
Connection : keep-alivEven using the suggested -BodyParameter switch with a hashtable of parameters makes no difference e.g.:
$params = @{ ids = @("{guid}");types=@("user","group") }
$params
Name Value
---- -----
ids {guid}
types {user, group}
Get-MgBetaDirectoryObjectByID -BodyParameter $params
Id DeletedDateTime
-- ---------------
{guid}
To Reproduce
Steps to reproduce the behavior:
- Follow the steps above, which follow the documented usage of the referenced cmdlets (making sure first to Install and Import the modules required):
Install-Module Microsoft.GraphImport-Module Microsoft.GraphInstall-Module Microsoft.Graph.DirectoryObjectsImport-Module Microsoft.Graph.DirectoryObjectsConnect-MgGraph
- See errors/issues listed in the bug description.
Expected behavior
I expect more fields to be displayed by default and also to be directly accessible - consider the response to directly calling the API endpoint via Invoke-MgGraphRequest:
Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/beta/directoryObjects/{guid}" -Method GET
Name Value
---- -----
passwordPolicies DisablePasswordExpiration
...
displayName BLOGGS, Joe
Invoke-MgGraphRequest -Uri "https://graph.microsoft.com/beta/directoryObjects/{guid}" -Method GET | Select-Object -ExpandProperty displayName
BLOGGS, JoeDebug Output
Get-MgDirectoryObject -DirectoryObjectId REDACTED -Debug
DEBUG: [CmdletBeginProcessing]: - Get-MgDirectoryObject begin processing with parameterSet 'Get'.
DEBUG: [Authentication]: - AuthType: 'AppOnly', TokenCredentialType: 'ClientSecret', ContextScope: 'Process', AppName: 'REDACTED'.
DEBUG: [Authentication]: - Scopes: [Policy.Read.ConditionalAccess, Policy.ReadWrite.ConditionalAccess, Policy.ReadWrite.AuthenticationMethod, Policy.ReadWrite.AuthenticationFlows, Directory.Read.All, Policy.Rea
d.All].
DEBUG: ============================ HTTP REQUEST ============================
HTTP Method:
GET
Absolute Uri:
https://graph.microsoft.com/v1.0/directoryObjects/REDACTED
Headers:
FeatureFlag : 00000043
Cache-Control : no-store, no-cache
User-Agent : Mozilla/5.0,(Linux; Ubuntu 22.04.3 LTS; ),PowerShell/7.4.1
Accept-Encoding : gzip
SdkVersion : graph-powershell/2.12.0
client-request-id : f3b6f49e-1105-4e34-aa88-15bf65417ac
Body:
DEBUG: ============================ HTTP RESPONSE ============================
Status Code:
OK
Headers:
Transfer-Encoding : chunked
Vary : Accept-Encoding
Strict-Transport-Security : max-age=31536000
request-id : 26e79417-78b7-4e26-9a4e-dc2b4e402505
client-request-id : f3b6f49e-1105-4e34-aa88-15bf65417ace
x-ms-ags-diagnostic : {"ServerInfo":{"DataCenter":"UK South","Slice":"E","Ring":"3","ScaleUnit":"003","RoleInstance":"LO2PEPF0000040F"}}
x-ms-resource-unit : 1
OData-Version : 4.0
Date : Wed, 31 Jan 2024 13:25:17 GMT
Cache-Control : proxy-revalidate, no-cache
X-SYMC-Transaction-UUID : 97f74b51c0cb3d2a-000000000e24823c-0000000065ba4a3e
Connection : keep-aliv
Body:
{
"@odata.context": "https://graph.microsoft.com/v1.0/$metadata#directoryObjects/$entity",
"@odata.type": "#microsoft.graph.user",
"id": "REDACTED",
"businessPhones": [],
"displayName": "BLOGGS, Joe",
"givenName": "REDACTED",
"jobTitle": "REDACTED",
"mail": "REDACTED",
"mobilePhone": null,
"officeLocation": "REDACTEDl",
"preferredLanguage": null,
"surname": "REDACTED",
"userPrincipalName": "REDACTED"
}
DEBUG: [CmdletEndProcessing]: - Get-MgDirectoryObject end processing.
Id DeletedDateTime
-- ---------------
REDACTED
You can see that the attribute values are in the response from the API but that the cmdlet will not expose them. I know this may potentially be covered by the following in the documentation/help:
BODYPARAMETER <IPathsG5Xp0HDirectoryobjectsMicrosoftGraphGetbyidsPostRequestbodyContentApplicationJsonSchema>: . [(Any) <Object>]: This indicates any property can be added to this object. [Ids <String[]>]: [Types <String[]>]:
However there isn't a clear example and the documentation here is very poor.
Module Version
ModuleType Version PreRelease Name ExportedCommands
---------- ------- ---------- ---- ----------------
Script 2.12.0 Microsoft.Graph.Applications {Add-MgApplicationKey, Add-MgApplicationPassword, Add-MgServicePrincipalKey, Add-MgServicePrincipalPassword…}
Script 2.12.0 Microsoft.Graph.Authentication {Add-MgEnvironment, Connect-MgGraph, Disconnect-MgGraph, Get-MgContext…}
Script 2.12.0 Microsoft.Graph.Beta.DirectoryObje… {Confirm-MgBetaDirectoryObjectMemberGroup, Confirm-MgBetaDirectoryObjectMemberObject, Get-MgBetaDirectoryObject, Get-MgBetaDirectoryObjectB…
Script 2.12.0 Microsoft.Graph.Beta.Identity.Gove… {Add-MgBetaAccessReviewDecision, Add-MgBetaAccessReviewInstanceDecision, Add-MgBetaIdentityGovernanceAccessReviewDecisionInstanceDecision, …
Script 2.12.0 Microsoft.Graph.Beta.Identity.Sign… {Confirm-MgBetaInformationProtectionSignature, Confirm-MgBetaRiskyServicePrincipalCompromised, Confirm-MgBetaRiskyUserCompromised, Find-MgB…
Script 2.12.0 Microsoft.Graph.DirectoryObjects {Confirm-MgDirectoryObjectMemberGroup, Confirm-MgDirectoryObjectMemberObject, Get-MgDirectoryObject, Get-MgDirectoryObjectAvailableExtensio…
Environment Data
Name Value
---- -----
PSVersion 7.4.1
PSEdition Core
GitCommitId 7.4.1
OS Ubuntu 22.04.3 LTS
Platform Unix
PSCompatibleVersions {1.0, 2.0, 3.0, 4.0…}
PSRemotingProtocolVersion 2.3
SerializationVersion 1.1.0.1
WSManStackVersion 3.0