diff --git a/Save-AzureADUser.ps1 b/Save-AzureADUser.ps1 index cf99c03..69edd05 100644 --- a/Save-AzureADUser.ps1 +++ b/Save-AzureADUser.ps1 @@ -1,90 +1,58 @@ - -# Check that AzureAD is installed -if (-Not (Get-Module -ListAvailable -Name AzureAD)) { - - $install = Read-Host 'The AzureAD PowerShell module is not installed. Do you want to install it now? (Y/n)' - - if($install -eq '' -Or $install -eq 'Y' -Or $install -eq 'Yes'){ - If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) - { - Write-Warning "Administrator permissions are needed to install the AzureAD PowerShell module.`nPlease re-run this script as an Administrator." +# Check that the needed Microsoft Graph Modules are installed and install only if needed +$Modules = "Microsoft.Graph.Authentication", "Microsoft.Graph.Identity.DirectoryManagement", "Microsoft.Graph.Users" +$CurrentModules = Get-Module -ListAvailable -Name $Modules +$ToInstall = Compare-Object -ReferenceObject @($CurrentModules | Select-Object) -DifferenceObject $Modules +if ($ToInstall) { + $Install = Read-Host 'The Microsoft Graph PowerShell module is not installed. Do you want to install it now? (Y/n)' + if ($Install -eq '' -Or $Install -eq 'Y' -Or $Install -eq 'Yes') { + If (-NOT ([Security.Principal.WindowsPrincipal] [Security.Principal.WindowsIdentity]::GetCurrent()).IsInRole([Security.Principal.WindowsBuiltInRole] "Administrator")) { + Write-Warning "Administrator permissions are needed to install the Microsoft Graph PowerShell module.`nPlease re-run this script as an Administrator." Exit } - - write-host "Installing" - Install-Module -Name AzureAD + Write-Host "Installing: $($ToInstall.InputObject)" + Install-Module $ToInstall.InputObject } else { - exit + Exit } } - -# Create a temporary file to hold the unformatted results of our Get-AzureADUser query -$TempFile = New-TemporaryFile - -#Go ahead and attempt to get the Azure AD user IDs, but catch the error if there is no existing connection to Azure AD -Try -{ - Get-AzureADUser -All:$true | Export-Csv -Path $TempFile -NoTypeInformation -encoding Utf8 -} -Catch [Microsoft.Open.Azure.AD.CommonLibrary.AadNeedAuthenticationException] -{ - #Connect to Azure AD. This will show a prompt. - Connect-AzureAD | Out-Null - - #Try again - Get-AzureADUser -All:$true | Export-Csv -Path $TempFile -NoTypeInformation -encoding Utf8 -} - - -# Get the tennant details -$Tenant = Get-AzureADTenantDetail - -# Get the unformatted data from the temporary file -$azureADUsers = import-csv $TempFile +#Connect to Microsoft Graph and get all users +Connect-MgGraph -Scopes Directory.Read.All -NoWelcome +$EntraUsers = Get-MgUser -All # Create the XML file -$xmlsettings = New-Object System.Xml.XmlWriterSettings -$xmlsettings.Indent = $true -$xmlsettings.IndentChars = " " - -$XmlWriter = [System.XML.XmlWriter]::Create("$((Get-Location).Path)\ForensiTAzureID.xml", $xmlsettings) +$XMLSettings = New-Object System.Xml.XmlWriterSettings +$XMLSettings.Indent = $true +$XMLSettings.IndentChars = " " +$XMLWriter = [System.XML.XmlWriter]::Create("$((Get-Location).Path)\ForensiTAzureID.xml", $XMLSettings) # Write the XML Declaration and set the XSL -$xmlWriter.WriteStartDocument() -$xmlWriter.WriteProcessingInstruction("xml-stylesheet", "type='text/xsl' href='style.xsl'") +$XMLWriter.WriteStartDocument() +$XMLWriter.WriteProcessingInstruction("xml-stylesheet", "type='text/xsl' href='style.xsl'") # Start the Root Element -$xmlWriter.WriteStartElement("ForensiTAzureID") - -# Write the Azure AD domain details as attributes -$xmlWriter.WriteAttributeString("ObjectId", $($Tenant.ObjectId)) -$xmlWriter.WriteAttributeString("Name", $($Tenant.VerifiedDomains.Name)); -$xmlWriter.WriteAttributeString("DisplayName", $($Tenant.DisplayName)); +$XMLWriter.WriteStartElement("ForensiTAzureID") +# Write the Entra ID domain details as attributes +$Context = Get-MgContext +$XMLWriter.WriteAttributeString("ObjectId", $Context.TenantId) +$XMLWriter.WriteAttributeString("Name", (Get-MgDomain).Id); +$TenantName = (Invoke-RestMethod -UseBasicParsing -Uri ("https://login.microsoftonline.com/GetUserRealm.srf?login=$($Context.Account)")).FederationBrandName +$XMLWriter.WriteAttributeString("DisplayName", $TenantName); #Parse the data -ForEach ($azureADUser in $azureADUsers){ +ForEach ($EntraUser in $EntraUsers) { - $xmlWriter.WriteStartElement("User") - - $xmlWriter.WriteElementString("UserPrincipalName",$($azureADUser.UserPrincipalName)) - $xmlWriter.WriteElementString("ObjectId",$($azureADUser.ObjectId)) - $xmlWriter.WriteElementString("DisplayName",$($azureADUser.DisplayName)) - - $xmlWriter.WriteEndElement() - } - -$xmlWriter.WriteEndElement() + $XMLWriter.WriteStartElement("User") + $XMLWriter.WriteElementString("UserPrincipalName", $($EntraUser.UserPrincipalName)) + $XMLWriter.WriteElementString("ObjectId", $($EntraUser.Id)) + $XMLWriter.WriteElementString("DisplayName", $($EntraUser.DisplayName)) + $XMLWriter.WriteEndElement() +} +$XMLWriter.WriteEndElement() # Close the XML Document -$xmlWriter.WriteEndDocument() -$xmlWriter.Flush() -$xmlWriter.Close() - - -# Clean up -Remove-Item $TempFile - -write-host "Azure user ID file created: $((Get-Location).Path)\ForensiTAzureID.xml" - +$XMLWriter.WriteEndDocument() +$XMLWriter.Flush() +$XMLWriter.Close() +write-host "Entra ID user file created: $((Get-Location).Path)\ForensiTAzureID.xml"