Last active
April 15, 2024 16:54
-
-
Save arjancornelissen/ba48ced0fdcb310c9e44a4308299b63c to your computer and use it in GitHub Desktop.
Enable PIM role via the Graph PowerShell Modules
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Connect via deviceauthentication and get the TenantID and User ObjectID | |
| Connect-MgGraph -UseDeviceAuthentication | |
| $context = Get-MgContext | |
| $currentUser = (Get-MgUser -UserId $context.Account).Id | |
| # Get all available roles | |
| $myRoles = Get-MgRoleManagementDirectoryRoleEligibilitySchedule -ExpandProperty RoleDefinition -All -Filter "principalId eq '$currentuser'" | |
| # Get SharePoint admin role info | |
| $myRole = $myroles | Where-Object {$_.RoleDefinition.DisplayName -eq "SharePoint Service Administrator"} | |
| # Setup parameters for activation | |
| $params = @{ | |
| Action = "selfActivate" | |
| PrincipalId = $myRole.PrincipalId | |
| RoleDefinitionId = $myRole.RoleDefinitionId | |
| DirectoryScopeId = $myRole.DirectoryScopeId | |
| Justification = "Enable SharePoint admin role" | |
| ScheduleInfo = @{ | |
| StartDateTime = Get-Date | |
| Expiration = @{ | |
| Type = "AfterDuration" | |
| Duration = "PT4H" | |
| } | |
| } | |
| TicketInfo = @{ | |
| TicketNumber = TS46283 | |
| TicketSystem = "OurTicketSysytem" | |
| } | |
| } | |
| # Activate the role | |
| New-MgRoleManagementDirectoryRoleAssignmentScheduleRequest -BodyParameter $params |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment