Reporting on Entra ID directory role assignments (including PIM)

Report on permanently assigned Entra ID directory roles as well as any PIM-eligible role assignments. The scripts come in two versions, one based on the Graph SDK for PowerShell and another one using “raw” Graph API requests. Supports Privileged Access Groups as well (PIM for groups). …

Continue readingReporting on Entra ID directory role assignments (including PIM)

Reporting on BitLocker recovery keys and associated devices

Due to popular demand, I put together a short script that generates a report of all BitLocker recovery keys in your tenant. Optionally, you can use the report to include device-level details, such as its compliance status, last activity or registered owner. …

Continue readingReporting on BitLocker recovery keys and associated devices

Reporting on Entra ID application registrations

An updated version of the script to generate a report of all Entra ID Application registrations and their properties. Use the report to find applications with expired credentials, to enforce credential rollover, review overprivileged applications and applications with no usage. A Graph SDK based version of the script is also provided. …

Continue readingReporting on Entra ID application registrations

Reporting on Entra ID integrated applications (service principals) and their permissions

In this article, we are presenting you with an update version of the PowerShell script to report on Entra ID service principal objects and their properties and permissions. In addition, a version of the script running on the Graph SDK for PowerShell is also provided, for usage with delegate permissions. …

Continue readingReporting on Entra ID integrated applications (service principals) and their permissions