Citrix Virtual Apps and Desktops SDK

Get-AcctAzureADSecurityGroup

Retrieve the security groups in specific Azure tenant.

Syntax

Get-AcctAzureADSecurityGroup
   [-AccessToken] <String>
   [-GroupId <String>]
   [-Name <String>]
   [-SearchString <String>]
   [-Assigned <Boolean>]
   [-Dynamic <Boolean>]
   [-ReturnTotalRecordCount]
   [-MaxRecordCount <Int32>]
   [-Skip <Int32>]
   [-SortBy <String>]
   [-Filter <String>]
   [-FilterScope <Guid>]
   [<CitrixCommonParameters>]
   [<CommonParameters>]
<!--NeedCopy-->

Description

Provides the ability to retrieve the Azure AD security groups of specific Azure tenant.

Examples

EXAMPLE 1

Gets Azure AD security groups with the object id of “e17d1c86-efgh-efgh-efgh-97e22c7bd96c”.

Get-AcctAzureADSecurityGroup -AccessToken $accessToken -GroupId "e17d1c86-efgh-efgh-efgh-97e22c7bd96c"

MembershipRule : (device.displayName -match "AzureADMC[0-9]{3}$")
Name : SecurityGroupOfAzureADMachineCatalog
ObjectId  : e17d1c86-efgh-efgh-efgh-97e22c7bd96c
Type : Dynamic
<!--NeedCopy-->

EXAMPLE 2

Gets AzureAD security group with the name of “ABCD”.

Get-AcctAzureADSecurityGroup -AccessToken $accessToken -Name "SecurityGroupOfAzureADMachineCatalog"

MembershipRule : (device.displayName -match "AzureADMC[0-9]{3}$")
Name : SecurityGroupOfAzureADMachineCatalog
ObjectId  : e17d1c86-efgh-efgh-efgh-97e22c7bd96c
Type : Dynamic
<!--NeedCopy-->

EXAMPLE 3

Gets AzureAD security group with name contains of “ABCD”.

Get-AcctAzureADSecurityGroup -AccessToken $accessToken -SearchString "SecurityGroup"

MembershipRule : (device.displayName -match "AzureADMC[0-9]{3}$")
Name : SecurityGroupOfAzureADMachineCatalog
ObjectId  : e17d1c86-efgh-efgh-efgh-97e22c7bd96c
Type : Dynamic
<!--NeedCopy-->

EXAMPLE 4

Gets all AzureAD assigned security groups.

Get-AcctAzureADSecurityGroup -AccessToken $accessToken -AssignedOnly

MembershipRule : (device.displayName -match "AzureADMC[0-9]{3}$")
Name : SecurityGroupOfAzureADMachineCatalog
ObjectId  : e17d1c86-efgh-efgh-efgh-97e22c7bd96c
Type : Assigned
<!--NeedCopy-->

Parameters

-AccessToken

Access token of Microsoft Graph API. Make sure grant consent to following permissions:

  • Group.Read.All
Type: String
Position: 2
Default value: None
Required: True
Accept pipeline input: False
Accept wildcard characters: True

-GroupId

The ObjectId of an AzureAD security group.

Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: True

-Name

The Name of the AzureAD security group.

Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: True

-SearchString

The search expression of the AzureAD security group display name.

Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: True

-Assigned

Specify only assigned AzureAD security group will retrieve.

Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-Dynamic

Specify only dynamic AzureAD security group will retrieve.

Type: Boolean
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-ReturnTotalRecordCount

When specified, the cmdlet outputs an error record containing the number of records available. This error record is additional information and does not affect the objects written to the output pipeline. See about_Acct_Filtering for details.

Type: SwitchParameter
Position: Named
Default value: False
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-MaxRecordCount

Specifies the maximum number of records to return.

Type: Int32
Position: Named
Default value: 250
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-Skip

Skips the specified number of records before returning results. Also reduces the count returned by -ReturnTotalRecordCount.

Type: Int32
Position: Named
Default value: 0
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-SortBy

Sorts the results by the specified list of properties. The list is a set of property names separated by commas, semi-colons, or spaces. Optionally, prefix each name with a + or - to indicate ascending or descending order. Ascending order is assumed if no prefix is present.

Type: String
Position: Named
Default value: The default sort order is by name or unique identifier.
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-Filter

Gets records that match a PowerShell-style filter expression. See about_Acct_Filtering for details.

Type: String
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

-FilterScope

Gets only results allowed by the specified scope id.

Type: Guid
Position: Named
Default value: None
Required: False
Accept pipeline input: False
Accept wildcard characters: False

CitrixCommonParameters

This cmdlet supports the common Citrix parameters: -AdminAddress, -AdminClientIP, -BearerToken, -TraceParent, -TraceState and -VirtualSiteId. For more information, see about_CitrixCommonParameters.

CommonParameters

This cmdlet supports the common parameters: -Debug, -ErrorAction, -ErrorVariable, -InformationAction, -InformationVariable, -OutVariable, -OutBuffer, -PipelineVariable, -Verbose, -WarningAction, and -WarningVariable. For more information, see about_CommonParameters.

Inputs

None

You can’t pipe objects to this cmdlet.

Outputs

Citrix.ADIdentity.Sdk.AzureADSecurityGroup

This object provides details of an object of the Azure AD security group and contains the following information:

  • MembershipRule <string>

    The membershipRule of AzureAD security group.

  • Name <string>

    The name of AzureAD security group.

  • ObjectId <Guid>

    The unique Object Id of the AzureAD security group.

  • Type <string>

    The type of AzureAD security group.

Notes

The parameter GroupId will take priority over other parameters.

When all parameters are empty, it will return all assigned security groups under current tenant id that encoded in assess token.

In the case of failure, the following errors can result:

  • PartialData

    Only a subset of the available data was returned.

  • PermissionDenied

    The user does not have administrative rights to perform this operation.

  • ConfigurationLoggingError

    The operation could not be performed because of a configuration logging error

  • CommunicationError

    An error occurred while communicating with the service.

  • InvalidFilter

    A filtering expression was supplied that could not be interpreted for this cmdlet.

  • ExceptionThrown

    An unexpected error occurred. To locate more details, see the Windows event logs on the controller being used or examine the XenDesktop logs

Get-AcctAzureADSecurityGroup