Today I needed to create a overview of all users with any Admin role within any tenant we manage as a Microsoft Service Provider (msp).
While searching I found two other scripts which I used and combined to make my own version, see the at the bottom of this post for the sources I used.
Below you will find the PowerShell script, make sure to change $msolUserCsv (if needed) and $UserName.
## CSV Path
$msolUserCsv = “C:\temp\adminaccounts.csv”## MSP username
$UserName = “admin@iterrors.com”## Start script
$Cred = get-credential -Credential $UserName
Connect-MSOLService -Credential $Cred
Import-Module MSOnline$Customers = Get-MsolPartnerContract -All
$msolUserResults = @()ForEach ($Customer in $Customers) {
Write-Host “Getting adminaccounts for $($Customer.Name)” -ForegroundColor Yellow
Write-Host ” ”$roles = Get-MsolRole
foreach ($role in $roles) {$Admins = Get-MsolRoleMember -TenantId $Customer.TenantId -RoleObjectId $role.ObjectId
foreach ($Admin in $Admins){
if($Admin.EmailAddress -ne $null){$MsolUserDetails = Get-MsolUser -UserPrincipalName $Admin.EmailAddress -TenantId $Customer.TenantId
$LicenseStatus = $MsolUserDetails.IsLicensed
$userProperties = @{CompanyName = $Customer.Name
PrimaryDomain = $Customer.DefaultDomainName
DisplayName = $Admin.DisplayName
EmailAddress = $Admin.EmailAddress
IsLicensed = $LicenseStatus
AdminRole = $role.Name
}Write-Host “$($Admin.DisplayName) from $($Customer.Name) is a $role.Name Admin”
$msolUserResults += New-Object psobject -Property $userProperties
}}}
Write-Host ” ” }$msolUserResults | Select-Object CompanyName,PrimaryDomain,DisplayName,EmailAddress,IsLicensed,AdminRole | Export-Csv -notypeinformation -Path $msolUserCsv
Write-Host “Export Complete, see $msolUserCsv for the exported file.”
sources
https://gist.github.com/ciphertxt/2036e614edf4bf920796059017fbbc3d