diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md index 075f0c3cb..5b8fd137a 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaContract.md @@ -50,35 +50,7 @@ Get-EntraBetaContract The `Get-EntraBetaContract` cmdlet gets a contract information associated to a partner tenant. -The contract object contains the following attributes: - -- `contractType` - type of the contract. - -Possible values are: - -1. SyndicationPartner - indicates a partner that exclusively resells and manages O365 and Intune for this customer. -They resell and support their customers. -1. BreadthPartner - indicates that the partner has the ability to provide administrative support for this customer. -However the partner isn't allowed to resell to the customer. -1. ResellerPartner - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. - -- `customerContextId` - unique identifier for the customer tenant referenced by this partnership. - -Corresponds to the ObjectId property of the customer tenant's TenantDetail object. - -- `defaultDomainName` - a copy of the customer tenant's default domain name. -The copy is made when the partnership with the customer is established. -It isn't automatically updated if the customer tenant's default domain name changes. - -- `deletionTimestamp` - this property isn't valid for contracts and always returns null. - -- `displayName` - a copy of the customer tenant's display name. -The copy is made when the partnership with the customer is established. -It isn't automatically updated if the customer tenant's display name changes. - -- `objectType` - a string that identifies the object type. The value is always `Contract`. - -- `ContractId` - the unique identifier for the partnership. +In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user ## Examples @@ -193,4 +165,29 @@ This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVar ## Notes +The contract object contains the following attributes: + +`contractType` - type of the contract. + +Possible values are: + +**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. +**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +`customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. + +`deletionTimestamp` - this property isn't valid for contracts and always returns null. + +`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. + +`objectType` - a string that identifies the object type. The value is always `Contract`. + +`ContractId` - the unique identifier for the partnership. + ## Related Links diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md index e9a854475..24d75ccb7 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaGroupMember.md @@ -72,7 +72,7 @@ aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb My Application #microsoft.graph.serviceP cccccccc-8888-9999-0000-dddddddddddd Contoso Group #microsoft.graph.group ``` -This example retrieves the members of a specified group by its `GroupId`. +This example retrieves the members of a specified group by its `GroupId` and selects only the `Id`, `DisplayName` and `@odata.type` properties for each member. - `-GroupId` specifies the ID of a group. @@ -133,7 +133,7 @@ bbbbbbbb-7777-8888-9999-cccccccccccc This example demonstrates how to retrieve group member by ID. -- `-GroupId` specifies the ID of a group. +- `-GroupId` Specifies the ID of a group. ## Parameters diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md index a7ccc572a..5e485bf9b 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaTrustFrameworkPolicy.md @@ -47,6 +47,8 @@ Get-EntraBetaTrustFrameworkPolicy The `Get-EntraBetaTrustFrameworkPolicy` cmdlet retrieves the trust framework policies that have been created in the directory. +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. + ## Examples ### Example 1: Retrieves the list of all trust framework policies in the directory diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md index 898d47ed3..3baac885d 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Get-EntraBetaUser.md @@ -146,7 +146,7 @@ In this example, we retrieve all users whose MailNickname starts with Ada. ```powershell Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' -Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -ExpandProperty 'SignInActivity' +Get-EntraBetaUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -Property Id, DisplayName, UserPrincipalName -ExpandProperty 'SignInActivity' ``` ```Output @@ -156,6 +156,9 @@ lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa lastSignInDateTime : 9/7/2024 9:15:41 AM +id : aaaaaaaa-bbbb-cccc-1111-222222222222 +displayName : Sawyer Miller +userPrincipalName : SawyerM@contoso.com ``` This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md index 4847d156a..151a8a191 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/New-EntraBetaTrustFrameworkPolicy.md @@ -47,9 +47,7 @@ New-EntraBetaTrustFrameworkPolicy The `New-EntraBetaTrustFrameworkPolicy` cmdlet is used to create a trust framework policy in the directory. -The contents of the trust framework policy to be created can be provided using a file or a command line variable. - -The contents of the created trust framework policy can be written to an output file or to the screen. +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. ## Examples diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md index 3ceb52820..0c0805d7f 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Remove-EntraBetaTrustFrameworkPolicy.md @@ -35,7 +35,7 @@ Remove-EntraBetaTrustFrameworkPolicy The `Remove-EntraBetaTrustFrameworkPolicy` cmdlet deletes a trust framework policy in the Microsoft Entra ID. The trust framework policy is permanently deleted. -The work or school account must have the `B2C IEF Keyset Administrator` role in Microsoft Entra. +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. ## Examples diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md index 1af958b07..ffbc8ade9 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaGroup.md @@ -60,8 +60,7 @@ This command updates the display name of a specified group in Microsoft Entra ID ```powershell Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraBetaGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraBetaGroup -GroupId $group.Id -Description 'Updated Group Description' +Get-EntraBetaGroup -Filter "displayName eq 'HelpDesk Team Leaders'" | Set-EntraBetaGroup -Description 'HelpDesk Team Leaders Global' ``` This example demonstrates how to update a group description. diff --git a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md index bfa558b6e..29b0953fb 100644 --- a/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md +++ b/module/docs/entra-powershell-beta/Microsoft.Graph.Entra.Beta/Set-EntraBetaTrustFrameworkPolicy.md @@ -49,9 +49,7 @@ Set-EntraBetaTrustFrameworkPolicy The `Set-EntraBetaTrustFrameworkPolicy` cmdlet is used to update a trust framework policy in the directory. -The contents of the trust framework policy to be updated can be provided using a file or a command line variable. - -The contents of the updated trust framework policy can be written to an output file or to the screen. +In delegated scenarios with work or school accounts, the admin must have a supported Microsoft Entra role or a custom role with the required permissions. The `B2C IEF Policy Administrator` is the least privileged role that supports this operation. ## Examples diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md index c65dae7c2..b2b482094 100644 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md +++ b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraContract.md @@ -49,35 +49,7 @@ Get-EntraContract The `Get-EntraContract` cmdlet gets a contract information associated to a partner tenant. -The contract object contains the following attributes: - -- `contractType` - type of the contract. - -Possible values are: - -1. SyndicationPartner - indicates a partner that exclusively resells and manages O365 and Intune for this customer. -They resell and support their customers. -1. BreadthPartner - indicates that the partner has the ability to provide administrative support for this customer. -However the partner isn't allowed to resell to the customer. -1. ResellerPartner - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. - -- `customerContextId` - unique identifier for the customer tenant referenced by this partnership. - -Corresponds to the ObjectId property of the customer tenant's TenantDetail object. - -- `defaultDomainName` - a copy of the customer tenant's default domain name. -The copy is made when the partnership with the customer is established. -It isn't automatically updated if the customer tenant's default domain name changes. - -- `deletionTimestamp` - this property isn't valid for contracts and always returns null. - -- `displayName` - a copy of the customer tenant's display name. -The copy is made when the partnership with the customer is established. -It isn't automatically updated if the customer tenant's display name changes. - -- `objectType` - a string that identifies the object type. The value is always `Contract`. - -- `ContractId` - the unique identifier for the partnership. +In delegated scenarios with work or school accounts, the `Directory Readers` role is the only least privileged role that supports this operation for the signed-in user ## Examples @@ -192,4 +164,29 @@ This cmdlet supports the common parameters: `-Debug`, `-ErrorAction`, `-ErrorVar ## Notes +The contract object contains the following attributes: + +`contractType` - type of the contract. + +Possible values are: + +**SyndicationPartner** - indicates a partner that exclusively resells and manages O365 and Intune for this customer. +They resell and support their customers. +**BreadthPartner** - indicates that the partner has the ability to provide administrative support for this customer. However the partner isn't allowed to resell to the customer. +**ResellerPartner** - indicates a partner that is similar to a syndication partner, except that it doesn't have exclusive access to a tenant. In the syndication case, the customer can't buy additional direct subscriptions from Microsoft or from other partners. + +`customerContextId` - unique identifier for the customer tenant referenced by this partnership. + +Corresponds to the ObjectId property of the customer tenant's TenantDetail object. + +`defaultDomainName` - a copy of the customer tenant's default domain name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's default domain name changes. + +`deletionTimestamp` - this property isn't valid for contracts and always returns null. + +`displayName` - a copy of the customer tenant's display name. The copy is made when the partnership with the customer is established. It isn't automatically updated if the customer tenant's display name changes. + +`objectType` - a string that identifies the object type. The value is always `Contract`. + +`ContractId` - the unique identifier for the partnership. + ## Related Links diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md index 53bf1a526..ff3f1cfb0 100644 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md +++ b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraGroupMember.md @@ -72,7 +72,7 @@ aaaaaaaa-6666-7777-8888-bbbbbbbbbbbb My Application #microsoft.graph.serviceP cccccccc-8888-9999-0000-dddddddddddd Contoso Group #microsoft.graph.group ``` -This example retrieves the members of a specified group by its `GroupId` and selects only the `DisplayName` and `@odata.type` properties for each member. +This example retrieves the members of a specified group by its `GroupId` and selects only the `Id`, `DisplayName` and `@odata.type` properties for each member. - `-GroupId` specifies the ID of a group. @@ -87,8 +87,8 @@ Get-EntraGroupMember -GroupId $group.Id -Top 2 ```Output Id DeletedDateTime -- --------------- -00aa00aa-bb11-cc22-dd33-44ee44ee44ee -11bb11bb-cc22-dd33-ee44-55ff55ff55ff +cccccccc-8888-9999-0000-dddddddddddd +dddddddd-9999-0000-1111-eeeeeeeeeeee ``` This example demonstrates how to retrieve top two groups from Microsoft Entra ID. diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md index b463aa703..b0b93e6c3 100644 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md +++ b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Get-EntraUser.md @@ -145,7 +145,7 @@ In this example, we retrieve all users whose MailNickname starts with Ada. ```powershell Connect-Entra -Scopes 'User.Read.All','AuditLog.Read.All' -Get-EntraUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -ExpandProperty 'SignInActivity' +Get-EntraUser -UserId 'SawyerM@contoso.com' -Property 'SignInActivity' | Select-Object -Property Id, DisplayName, UserPrincipalName -ExpandProperty 'SignInActivity' ``` ```Output @@ -155,6 +155,9 @@ lastSuccessfulSignInDateTime : 9/9/2024 1:12:13 PM lastNonInteractiveSignInDateTime : 9/9/2024 1:12:13 PM lastSuccessfulSignInRequestId : bbbbbbbb-1111-2222-3333-aaaaaaaaaaaa lastSignInDateTime : 9/7/2024 9:15:41 AM +id : aaaaaaaa-bbbb-cccc-1111-222222222222 +displayName : Sawyer Miller +userPrincipalName : SawyerM@contoso.com ``` This example demonstrates how to retrieve the SignInActivity of a specific user by selecting a property. diff --git a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md index cc1465e6f..89bea7d24 100644 --- a/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md +++ b/module/docs/entra-powershell-v1.0/Microsoft.Graph.Entra/Set-EntraGroup.md @@ -58,8 +58,7 @@ This command updates the display name of a specified group in Microsoft Entra ID ```powershell Connect-Entra -Scopes 'Group.ReadWrite.All' -$group = Get-EntraGroup -Filter "DisplayName eq 'HelpDesk Team Leaders'" -Set-EntraGroup -GroupId $group.Id -Description 'Updated Group Description' +Get-EntraGroup -Filter "displayName eq 'HelpDesk Team Leaders'" | Set-EntraGroup -Description 'HelpDesk Team Leaders Global' ``` This example demonstrates how to update a group description.