Skip to content
/ ConditionalAccessPolicyReport Public

PowerShell Script used to create a report for Azure AD Conditional Access Policies.

License

MIT license
34 stars 17 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Donovand4/ConditionalAccessPolicyReport

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

50 Commits
Generate-ConditionalAccessReport.ps1
Generate-ConditionalAccessReport.ps1
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 

Repository files navigation

ConditionalAccessPolicyReport

PowerShell Script used to create a report for Entra ID Conditional Access Policies.

Note

The modules used in the script may still be in development and may change during the development cycle.

TO DO:

Open to suggestions.

Description

The script will generate a report for all the Conditional Access Policies and Named Locations used in the Entra ID Tenant.
The report will resolve all ID's used within the policies for users, groups, named locations and applications.

Getting Started

Below is a list of steps recommended to allow the report to authenticate and retrieve the information required.
Steps:
1.  Download and install the Microsoft Graph PowerShell module by launching a PowerShell Console as Administrator 
    and execute the below command:        
        Install-Module Microsoft.Graph -AllowClobber -Force
        
2.  Launch a PowerShell Console
3.  Run the below to authenticate to the Microsoft Graph PowerShell (Preview) Application that is added to Azure AD.
        Connect-MgGraph -Scopes 'Policy.Read.All', 'Directory.Read.All'
        
4.  Complete the authentication by following the device login prompts.
5.  Review and accept the required permissions.
6.  The report can be executed as soon as the permissions are granted on the application.

Example

Generates a report in the CSV and HTML format in the same location where the script is located.
PS C:\> Generate-ConditionalAccessReport.ps1 -OutputFormat All -TenantID <TenantID>

Generates a report in the CSV format in the same location where the script is located.
PS C:\> Generate-ConditionalAccessReport.ps1 -OutputFormat CSV

Generates a report in the HTML format in the same location where the script is located.
PS C:\> Generate-ConditionalAccessReport.ps1 -OutputFormat HTML

Outputs

Exports .html and .csv files that contains the Conditional Access policies and Named Locations

Notes

The script will connect to the Microsoft Graph service and collect the required information.     
If PowerShell logs an error message for MaximumFunctionCount or MaximumVariableCount. This can be increased using the below.    
$MaximumFunctionCount = 8192 
$MaximumVariableCount = 8192

Link

Github - https://github.com/microsoftgraph/msgraph-sdk-powershell

About

PowerShell Script used to create a report for Azure AD Conditional Access Policies.

Resources

Readme

License

MIT license
Activity

Stars

34 stars

Watchers

6 watching

Forks

17 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

Languages