Azure Active Directory Find Current User’s Direct Reports

It’s useful to be able to present reports whose content depends on the currently authenticated user. You might want users to see and edit details about people that they manage in Azure Active Directory. For this, you can query their direct reports.

Azure Active Directory Find Current User’s Direct Reports in PowerShell

When you run the following script on your server, it fetches a user's direct reports from a particular Azure Active Directory tenant. With a little effort, you could do this for multiple tenants and export the results to a CSV or HTML file, or send them in an email. The two techniques below are quite different but equally valid. The Graph API method requires an authentication token but does not require importing the Azure Active Directory PowerShell cmdlets.

Method #1 Using Azure-specific Cmdlets:


# Preview module; the current GA module (AzureAD) can be used instead
Import-Module AzureADPreview
# Authenticate; parameters can be supplied to avoid the interactive prompt
Connect-AzureAD
# UPN (or object ID) of the manager whose direct reports you want
$yourid = "jack@yourdomain.com"
Get-AzureADUserDirectReport -ObjectId $yourid

Method #2 Using Graph API:


...
# Assumes you already have an authentication token in $authenticationResult
$AuthHeader = $authenticationResult.CreateAuthorizationHeader()
$yourid = "jack@yourdomain.com"
# {0} is filled in with the tenant ID below; $yourid is expanded by PowerShell here
$url = "https://graph.windows.net/{0}/users/$yourid/directReports?api-version=1.6"
$returnvals = Invoke-RestMethod -Method Get -Headers @{
    Authorization  = $AuthHeader
    'Content-Type' = "application/json"
} -Uri ($url -f $authenticationResult.TenantId)
# The direct reports are returned in the "value" array of the response
$returnvals.value
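
Both methods above look up a fixed UPN. As an added example (not part of the original page or of any product's code), the function below takes the identity from the current AzureAD session instead of from caller input, so a user can only list their own direct reports; it also pages through all results and optionally exports them to CSV. The function name Get-CurrentUserDirectReport and the CSV path are assumptions made for illustration.

```powershell
Import-Module AzureAD

function Get-CurrentUserDirectReport {
    [CmdletBinding()]
    param(
        # Hypothetical output path; omit it to skip the CSV export
        [string]$CsvPath
    )

    # Requires an existing session created by Connect-AzureAD
    try {
        $session = Get-AzureADCurrentSessionInfo -ErrorAction Stop
    } catch {
        throw "No Azure AD session found. Run Connect-AzureAD first."
    }

    # The identity comes from the authenticated session, never from a parameter
    $me = Get-AzureADUser -ObjectId $session.Account.Id -ErrorAction Stop

    # -All $true pages through every result instead of only the first page.
    # Direct reports can also be contacts, so keep user objects only.
    $reports = Get-AzureADUserDirectReport -ObjectId $me.ObjectId -All $true |
        Where-Object { $_.ObjectType -eq 'User' } |
        Select-Object DisplayName, UserPrincipalName, JobTitle, Department, AccountEnabled |
        Sort-Object DisplayName

    if ($CsvPath) {
        $reports | Export-Csv -Path $CsvPath -NoTypeInformation -Encoding UTF8
    }
    $reports
}

# Interactive sign-in, then list the signed-in user's own direct reports
Connect-AzureAD | Out-Null
Get-CurrentUserDirectReport -CsvPath '.\direct-reports.csv' | Format-Table -AutoSize
```

If the signed-in account cannot be resolved in the tenant by its sign-in name (for example, some guest accounts), the Get-AzureADUser call stops the function with an error rather than returning another user's data.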

Web Active Directory’s PeopleAudit

Web Active Directory’s PeopleAudit allows you to run a report like this on demand or delegate it safely for others in your organization to run via their web browser. Users can filter and sort the results on the fly, and with a single button press print the results or export to your clipboard, PDF, Excel, or CSV.

Safely and securely specify the OAuth connection used to perform these reporting tasks. Customize the report results and filters without scripting or coding.

Most reports we offer can be scheduled to run at some frequency and delivered by email to whomever you want. This one is not one of those because it requires the context of a currently logged-in user. It can be customized (without scripting) to take a user as an input parameter; at that point it could be scheduled.