Red Team - Finding Global Administrators

Discovering Azure AD Global Administrators using a standard Member account and a token obtained for the Azure Portal (ADIbizaUX).

PowerShell Code

Note: This code requires the Microsoft Graph SDK for PowerShell.

Sample Output

$globalAdmins.AdditionalProperties

Key               Value
---               -----
@odata.type       #microsoft.graph.user
businessPhones    {}
displayName       John Smith (Global Admin)
givenName         John
mail              john.smith@somewhere.onmicrosoft.com
surname           Smith

Mitigations

Block Microsoft Azure Management for certain users and or locations.