How to Use Get-MgUserDirectReport to Fetch Microsoft 365 User Direct Reports

What is Get-MgUserDirectReport?

The Get-MgUserDirectReport cmdlet is part of the Microsoft Graph PowerShell module and is used to retrieve a list of users who directly report to a specified Microsoft 365 user. This cmdlet helps administrators gain insight into organizational reporting structures and streamline management tasks.

Why Use Get-MgUserDirectReport?

Understanding reporting relationships is crucial for IT administrators, HR teams, and compliance officers. The Get-MgUserDirectReport cmdlet is useful for:

• ✅Identifying employees reporting to a specific manager.
• ✅Automating organizational hierarchy reporting.
• ✅Auditing reporting structures within an organization.
• ✅Managing access control and approval workflows.

Cmdlet Syntax

The basic syntax for Get-MgUserDirectReport is:

Get-MgUserDirectReport -UserId <UserID>

Parameters:

• -UserId: The unique identifier (UserPrincipalName or ObjectId) of the manager whose direct reports you want to fetch.

Usage Examples

1. Basic Example: Fetch Direct Reports' User IDs

This example retrieves the User IDs of all direct reports under a specified manager.

Get-MgUserDirectReport -UserId samadmin@7xh7fj.onmicrosoft.com


2. Fetch Detailed Direct Reports Information

To retrieve direct reports' Display Name, Job Title, and Email Address, we first fetch the user IDs and then retrieve their details using Get-MgUser.

$directReports = Get-MgUserDirectReport -UserId "samadmin@7xh7fj.onmicrosoft.com"

# Check if any direct reports are returned
if ($directReports.Count -gt 0) {
    # Loop through each direct report and retrieve full user details
    $directReports | ForEach-Object {
    $userId = $_.Id
    $user = Get-MgUser -UserId $userId
    [PSCustomObject]@{
        DisplayName = $user.DisplayName
        JobTitle    = $user.JobTitle
        UserPrincipalName = $user.UserPrincipalName
        Email       = $user.Mail
    }
} | Format-Table -AutoSize
} else {
    Write-Host "No direct reports found for the specified user."
}
                                            

Frequently Asked Questions

• ❓What happens if the user does not have any direct reports?

If a user has no direct reports, the cmdlet will return an empty result.

• ❓Can I retrieve direct reports for guest users?

No, guest users in Microsoft 365 typically do not have direct reports assigned.

• ❓Can I use this cmdlet to update direct reports?

No, Get-MgUserDirectReport is a read-only cmdlet. To modify reporting relationships, use Set-MgUserManager.

Possible Errors & Solutions

Error	Cause	Solution
Request_ResourceNotFound	The user ID provided does not exist.	Ensure the correct UserPrincipalName or Object ID is used.
NotFound	The user does not have any direct reports.	Verify if the user has subordinates in Azure AD.
Permission Denied	Insufficient permissions to run the cmdlet.	Ensure your account has User.Read.All and Directory.Read.All permissions.

Use Cases

• 🔹 HR and Organizational Structure Reports: HR teams can use this cmdlet to generate reports on direct reporting structures within the company.
• 🔹 Workflow Automation: Automate processes that require managerial approvals, such as project approvals and leave requests.
• 🔹 Security & Compliance: Ensure that all employees have correctly assigned reporting managers to maintain organizational hierarchy compliance.

Conclusion

The Get-MgUserDirectReport cmdlet is an essential tool for Microsoft 365 administrators to retrieve user reporting relationships efficiently. It helps automate reporting tasks, enables workflow management, and ensures compliance with organizational policies. By utilizing PowerShell scripts, you can quickly fetch and analyze reporting structures to streamline administrative operations.

Start using Get-MgUserDirectReport today to enhance your Microsoft 365 administration!