Listen to this Post
Managing permissions in Microsoft 365 and Entra ID can be complex, but the M365Permissions PowerShell module by Jos Lieben simplifies the process by providing a 360° view of permissions for users and groups, including external entities. This tool generates detailed reports (defaulting to XLSX) that capture all unique permissions, authentication details, and access rights.
🔗 Tool Link: M365Permissions PowerShell Module
You Should Know: Essential Commands and Practices for Permission Auditing
1. Installing the M365Permissions Module
To get started, install the module from the PowerShell Gallery:
Install-Module -Name M365Permissions -Force -AllowClobber
2. Authenticating to Microsoft 365/Entra ID
Before running scans, authenticate with:
Connect-MgGraph -Scopes "User.Read.All","Group.Read.All","Directory.Read.All"
3. Generating a Full Permission Report
Run a full permission scan and export to Excel:
Get-M365Permissions -ExportToExcel -OutputPath "C:\Reports\M365_Permissions_Report.xlsx"
4. Checking Permission Deltas Over Time
To compare changes between scans:
Compare-M365Permissions -OldReport "C:\Reports\Old_Report.xlsx" -NewReport "C:\Reports\New_Report.xlsx" -OutputPath "C:\Reports\Permission_Deltas.xlsx"
5. Listing External User Permissions
Identify external access risks:
Get-M365Permissions -IncludeExternalUsers | Export-Csv -Path "C:\Reports\External_Access.csv" -NoTypeInformation
6. Checking Role Assignments
Audit admin roles in Entra ID:
Get-MgDirectoryRole | ForEach-Object { Get-MgDirectoryRoleMember -DirectoryRoleId $_.Id }
7. Automating Regular Permission Audits
Schedule a weekly scan with Task Scheduler or a PowerShell script:
Save as Audit-M365Permissions.ps1 Get-M365Permissions -ExportToExcel -OutputPath "C:\Reports\M365_Audit_$(Get-Date -Format 'yyyyMMdd').xlsx"
What Undercode Say
Managing permissions in Microsoft 365 & Entra ID is critical for security. The M365Permissions module provides an efficient way to audit, track, and compare permissions. Key takeaways:
– Automate permission audits to detect excessive privileges.
– Monitor external access to prevent data leaks.
– Use PowerShell for bulk operations instead of manual checks.
For deeper security, combine this with Linux log analysis (journalctl -u sshd) or Windows event auditing (Get-WinEvent -LogName Security).
Expected Output:
- Excel reports with all permissions.
- Delta comparisons for tracking changes.
- External user access logs for compliance.
🔗 Tool Link: M365Permissions PowerShell Module
References:
Reported By: Beingageek M365permissions – Hackers Feeds
Extra Hub: Undercode MoN
Basic Verification: Pass ✅
