MS GRAPH

Updated Conditional Access HTML Export Script

Updated Conditional Access HTML Export Script

Hi All,

I’ve released an updated Version of my Conditional Access HTML Export PowerShell Script on my GitHub Repo.

It’s always a Pain to document Conditional Access Policies. So i’ve forked and modified the Script from https://github.com/dougsbaker/CA-Export to match my needs.

Recently i saw the new “Network” Section in the Conditional Access Policies. I Like when the Sections match the HTML Output

  • Users
  • Target resources
  • Network
  • Conditions
  • Grant
  • Session

The Script requires the Microsoft.Graph PowerShell Modules and the following Permissions

Exchange Online Microsoft Graph APIs for permanent deletion

Exchange Online Microsoft Graph APIs for permanent deletion

Hi All,

A few Weeks ago Microsoft has announced the Permanent Deletion of mailbox items.

It’s relatively simple. Instead of the “DELETE” HTTP Method you use the “POST” Method and add “/permanentDelete” to the URI.

###############################################################################
#Delete
#https://learn.microsoft.com/en-us/graph/api/message-delete?view=graph-rest-1.0&tabs=http
###############################################################################
DELETE /users/{UserId}/messages/{MessageId}
DELETE /users/{UserId}/mailFolders/{mailFolderId}/messages/{MessageId}

###############################################################################
#Permanently Delete
#https://learn.microsoft.com/en-us/graph/api/message-permanentdelete?view=graph-rest-1.0&tabs=http
###############################################################################
POST /users/{UserId}/messages/{MessageId}/permanentDelete
POST /users/{UserId}/mailFolders/{mailFolderId}/messages/{MessageId}/permanentDelete

Time for me to test the Functionality.

Microsoft.Graph PowerShell Modules 2.27.0 released

Microsoft.Graph PowerShell Modules 2.27.0 released

Hi All,

A few Hors ago, Microsoft has released the Version 2.27.0 of Microsoft.Graph and Microsoft.Graph.Beta Modules.

Release Notes

  • [v2] Weekly OpenApiDocs Refresh
  • [v2] Examples Update
  • Prevents automatic inference of properties with numeric characters defined as strings. e.g {“age”:“28”}"
  • Fixes removal of boolean and empty Json object values from request body
  • Task: Bootstrap acr-push pipeline by @Onokaev
  • Adds aliases to avoid conflicting cmdlets calling the same Api path
  • Adds Metadata for authentication module cmdlets
  • Added directives to disable generation of invalid Service Announcement cmdlets
  • Fix: Depend on previous stage by @Onokaev

Check for retiring OneNote App Permission in Entra

Check for retiring OneNote App Permission in Entra

Hi All,

With the MC1011142 Message Center Post, Microsoft has announced the retirement of App Permissions for OneNote:

Effective March 31, 2025, we will retire support for authentication tokens with application permissions (app-only tokens) for MSGraph OneNote APIs. We will continue to support authentication tokens that have delegated permissions. While app-only tokens are easy to use, they may be more easily exploited compared to more sophisticated authorization methods. Requests to the Notes API endpoints using tokens with application permissions will return 401 unauthorized errors starting March 31, 2025.

New ServicePlans have been addet to M365 Copilot

New ServicePlans have been addet to M365 Copilot

Hi All,

A while ago, i did write an Azure Runbook that compares my Licenses every week.

I’ve received an Email this Week, stating that there have been added some new Service Plans to the “Microsoft_365_Copilot” SKU.

In the M365 Admin Center it looks like this

Let’s check the Licenses with PowerShell

Connect-Graph -Scopes User.ReadWrite.All, Organization.Read.All -NoWelcome
Get-MgUserLicenseDetail -UserId a.bohren@icewolf.ch

Microsoft.Graph PowerShell Modules 2.26.1 released

Microsoft.Graph PowerShell Modules 2.26.1 released

Hi All,

A few Hors ago, Microsoft has released the Version 2.26.1 of Microsoft.Graph and Microsoft.Graph.Beta Modules.

Release Notes

  • Roll back to .NET 6
    • Refresh Open Api file for Devices.CorporateManagement Module to generate missing cmdlets
  • Ensures property values that have / are not modified to have them removed

I am using the new PSResourceGet here instead of the PowerShellGet commands.

Show installed Versions and what’s available in PowerShell Gallery

Microsoft.Graph PowerShell Modules 2.26.0 released

Microsoft.Graph PowerShell Modules 2.26.0 released

Hi All,

A few Hors ago, Microsoft has released the Version 2.26.0 of Microsoft.Graph and Microsoft.Graph.Beta Modules.

Release Notes

  • Bumps versions for Azure.Identity, Azure.Identity.Broker and Microsoft.Graph.Core
  • feat: add direct dependency on System.Text.Json
  • Allow serialization of null valued properties
  • [v2] Examples Update
  • Re-enables generation of Get cmdlets for attack simulation
  • Drop unsupported net 6 and net 7
  • Updated examples for New-MgInvitaiton and New-MgBetaInvitation
  • Removes invalid path. /security/attackSimulation
  • Removes undocumented operations under /identityGovernance/privilegedAccess/group/assignmentSchedules/{privilegedAccessGroupAssignmentSchedule-id}
  • Removes unnecessary response content for PATCH operation that returns http status code 204
  • Removes undocumented path that returns http status code 404
  • Ensures that cmdlets are correctly mapped to their respective modules
  • Removes invalid path/teams/{team-id}/channels/{channel-id}/messages/$count
  • Updates module mapping file to add missing tag tenantRelationships.tenantRelationship.Functions
  • Updates module mapping file to add missing tag policies.deviceRegistrationPolicy
  • Updates module mapping file to add missing tag me.authentication
  • Removes undocumented patch operation for /sites/{site-id}/pages/{baseSitePage-id}
  • Updates default output for MicrosoftGraphDirectoryObject model properties
  • Adds -ObjectId parameter as an alias for -ApplicationId
  • Regenerate missing cmdlets
  • Removes invalid Remove-MgBetaEntitlementManagementAccessPackageAssignmentcmdlet

Report Microsoft Authenticator Registration in Entra ID with Graph PowerShell

Report Microsoft Authenticator Registration in Entra ID with Graph PowerShell

Hi All,

I am working with a customer on a M365 Onboarding. Bevore migrating Users to the Cloud, we want to make sure the Onboarding of the Microsoft Authenticator App is successful. I was tasked to figure out a way to find out the Users that have registered the Microsoft Authenticator App for MFA Authentication.

Enduser Portal

From a User Perspective you can see in the Security Information that there are registered two Microsoft Authenticators.

Exchange Online Export-Import Graph API Preview

Exchange Online Export-Import Graph API Preview

Hi All,

About two Weeks ago, Microsoft has announced the public preview of the Exchange Export-Import Graph API.

Many of our customers currently rely on APIs powered by Exchange Web Services (EWS) for tasks like Exchange mailbox backup, archiving and migration. However, with the EWS deprecation initiative, customers have been asking for a method built on the Microsoft Graph platform to discover mailbox items, selectively export them and then import these items into Exchange Online mailboxes.