diff --git a/source/Private/Get-AdminRoleUserAndAssignment.ps1 b/source/Private/Get-AdminRoleUserAndAssignment.ps1 index 2ed74ec..7299530 100644 --- a/source/Private/Get-AdminRoleUserAndAssignment.ps1 +++ b/source/Private/Get-AdminRoleUserAndAssignment.ps1 @@ -1,27 +1,20 @@ function Get-AdminRoleUserAndAssignment { [CmdletBinding()] param () - $result = @{} - # Get the DisplayNames of all admin roles $adminRoleNames = (Get-MgDirectoryRole | Where-Object { $null -ne $_.RoleTemplateId }).DisplayName - # Get Admin Roles - $adminRoles = Get-MgRoleManagementDirectoryRoleDefinition | Where-Object { ($adminRoleNames -contains $_.DisplayName) -and ($_.DisplayName -ne "Directory Synchronization Accounts") } - + $adminRoles = Get-MgRoleManagementDirectoryRoleDefinition | Where-Object { ($adminRoleNames -contains $_.DisplayName) -and ($_.DisplayName -ne 'Directory Synchronization Accounts') } foreach ($role in $adminRoles) { Write-Verbose "Processing role: $($role.DisplayName)" $roleAssignments = Get-MgRoleManagementDirectoryRoleAssignment -Filter "roleDefinitionId eq '$($role.Id)'" - foreach ($assignment in $roleAssignments) { Write-Verbose "Processing role assignment for principal ID: $($assignment.PrincipalId)" - $userDetails = Get-MgUser -UserId $assignment.PrincipalId -Property "DisplayName, UserPrincipalName, Id, OnPremisesSyncEnabled" -ErrorAction SilentlyContinue - + $userDetails = Get-MgUser -UserId $assignment.PrincipalId -Property 'DisplayName, UserPrincipalName, Id, OnPremisesSyncEnabled' -ErrorAction SilentlyContinue if ($userDetails) { Write-Verbose "Retrieved user details for: $($userDetails.UserPrincipalName)" $licenses = Get-MgUserLicenseDetail -UserId $assignment.PrincipalId -ErrorAction SilentlyContinue - if (-not $result[$role.DisplayName]) { $result[$role.DisplayName] = @() } @@ -33,6 +26,5 @@ function Get-AdminRoleUserAndAssignment { } } } - return $result }