Having “historically grown” structures it could happen that you lose the overview of all role assisgnments in Azure AD. With this script you can create a report: Import-Module AzureAD Connect-AzureAD $AllAzureADDirectoryRoles = Get-AzureADDirectoryRole $Table = @() Foreach ($AzureADDirectoryRole in $AllAzureADDirectoryRoles){ Foreach($User in ($AzureADDirectoryRole | Get-AzureADDirectoryRoleMember)){ $Row = “” | Select DirectoryRole,UserPrincipalName $Row.DirectoryRole = $AzureADDirectoryRole.DisplayName $Row.UserPrincipalName Read more about Report all Azure AD role assignments[…]