Good morning, all.
I need to obtain a report to show the following data in each environment: (the plan it to populate a new Table in the COE environment named 'userrolemapping'
The associated Entra Security group name (if it has one, these are usually set as the Base Group for the Environment)
Any direct assigned Security Roles (not provided by a Dynamics / Dataverse Team)
We also have the Centre of Excellence installed so we can take advantage of some of the tables it uses. (I am aware this is being retired, but will continue working with its latest version)
So far, I have had limited success, Using the Centre of Excellence COE admin_environments table to get a list of the active (non Microsoft Teams) environments.
But trying to get a list of users and Dynamics teams is proving difficult.
I've gone as far as using the
https://api.bap.microsoft.com/providers/Microsoft.BusinessAppPlatform/scopes/admin/environments?api-version=2016-11-01&`$expand=properties endpoint to return the environment names (OR successfully used the COE admin_environments table to do this..either or work.
I was originally trying to use the systemusers table in every environment to get the user list, but after way too long discovered this table is inaccurate.
Then the Dynamics Endpoint for the Dynamics / Dataverse Teams
$teamUrl = "$baseUrl/api/data/v9.2/teams?" +
"`$select=name,teamid,teamtype,azureactivedirectoryobjectid&" +
"`$expand=teammembership_association(`$select=systemuserid,fullname,internalemailaddress,azureactivedirectoryobjectid,isdisabled)," +
"teamroles_association(`$select=name,roleid)"
I then used the Dynamics API to obtain the Security Roles in an Environment.
https://$baseUrl/api/data/v9.2/roles
And the Dynamics API to obtain the
https://$userRoleUrl = "$baseUrl/api/data/v9.2/roles($($role.roleid))/syst
emuserroles_association?`$select=systemuserid,fullname,internalemailaddress,azureactivedirectoryobjectid,isdisabled"
Then Graph API to get the Entra Security Groups and confirmation of user membership.
I'm still seemingly getting incorrect data, where I see users listed in environments they do not belong..so that is 100% an error with my script..
Reducing to a single environment, is there a Power Automate, COE table or other method to easily return a list of users in an environment, their roles and or dynamics membership?
Thank you.
V