Background details can be found in the accompanied blog posts:
To run this script you’ll need these two PowerShell modules:
All of these can be installed directly within PowerShell:
First time use
The script uses a browser-based Login UI to connect to Azure. If you run the tool for the first time you might experience the following error
[*] Connecting to Microsoft Graph...
WARNING: WebBrowser control emulation not set for PowerShell or PowerShell ISE!
Would you like set the emulation to IE 11? Otherwise the login form may not work! (Y/N): Y
Emulation set. Restart PowerShell/ISE!
To solve this simply allow PowerShell to emulate the browser and rerun your command.
Import and run, no argumentes needed.
Note: On your first run you will likely have to authenticate twice (once Microsoft Graph and once against Azure AD Graph). I might wrap this into a single login in the future…
PS:> Import-Module .Azure-AccessPermissions.ps1