Friday, November 23, 2018

Azure AD : Getting the UPN

I've been playing around with the custom SAML connection in Azure AD and the "claims transformations" that you can do, e.g. tolower.

My interest was Guest accounts.

The user screens don't show the UPN so I needed to do this with PowerShell.

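Connect-AzureAD -TenantId tenantname

Get-AzureADUser -Filter "userType eq 'Guest'" -All $true | Select-Object DisplayName, UserPrincipalName, Mail, Department, UserType, CreationType, RefreshTokensValidFromDateTime, AccountEnabled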

This displays:

DisplayName                    : Joe
UserPrincipalName              :
Mail                           :
Department                     :
UserType                       : Guest
CreationType                   : Invitation
RefreshTokensValidFromDateTime : 21/11/2018 11:13:58 p.m.
AccountEnabled                 : True

Or if you wanted the top 10:

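Get-AzureADUser -Filter "userType eq 'Guest'" -Top 10 | Select-Object DisplayName, UserPrincipalName, Mail, Department, UserType, CreationType, RefreshTokensValidFromDateTime, AccountEnabled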

Or complex filter:

Get-AzureADUser -Filter "mail eq '' and userType eq '

If you want to see the full list of Azure AD attributes with the complete schema, use:

Get-AzureADUser  -All $true | fl > allad.txt
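
An added example, not part of the original post: invited guests normally get a UPN of the form name_domain#EXT#@tenant.onmicrosoft.com, and that is the value a claim sourced from the UPN would carry. The function name ConvertFrom-GuestUpn and the sample accounts are constructed for illustration, and the #EXT# format is assumed rather than taken from the output above.

```powershell
# Added example: recover the invited address from a guest (#EXT#) UPN and
# check whether the Mail attribute agrees with it.
function ConvertFrom-GuestUpn {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory, ValueFromPipelineByPropertyName)]
        [string]$UserPrincipalName,

        [Parameter(ValueFromPipelineByPropertyName)]
        [string]$Mail
    )
    process {
        $marker   = '#EXT#@'
        $external = $null
        $tenant   = $null

        $idx = $UserPrincipalName.IndexOf($marker, [StringComparison]::OrdinalIgnoreCase)
        if ($idx -gt 0) {
            $prefix = $UserPrincipalName.Substring(0, $idx)
            $tenant = $UserPrincipalName.Substring($idx + $marker.Length)
            # The '@' of the invited address was replaced by '_'. Mail domain
            # names do not contain '_', so the last one is the separator.
            $sep = $prefix.LastIndexOf('_')
            if ($sep -gt 0 -and $sep -lt $prefix.Length - 1) {
                $external = $prefix.Substring(0, $sep) + '@' + $prefix.Substring($sep + 1)
            }
        }

        [pscustomobject]@{
            UserPrincipalName = $UserPrincipalName
            InvitedAddress    = $external
            ResourceTenant    = $tenant
            # False means Mail is empty or differs from the address in the UPN.
            MailMatchesUpn    = ($null -ne $external -and $external -eq $Mail)
        }
    }
}

# Constructed sample objects (not real accounts) so the example runs offline.
$sample = @(
    [pscustomobject]@{ UserPrincipalName = 'joe_example.com#EXT#@contoso.onmicrosoft.com'; Mail = 'joe@example.com' }
    [pscustomobject]@{ UserPrincipalName = 'first_last_example.org#EXT#@contoso.onmicrosoft.com'; Mail = $null }
    [pscustomobject]@{ UserPrincipalName = 'member@contoso.onmicrosoft.com'; Mail = 'member@contoso.onmicrosoft.com' }
)
$sample | ConvertFrom-GuestUpn | Format-Table -AutoSize
```

With a live session, piping Get-AzureADUser -Filter "userType eq 'Guest'" -All $true into ConvertFrom-GuestUpn runs real guest accounts through the same function.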

