Extensions attributes in AAD are a great way to store any auxiliary information that does not belong in any other user properties. The only sad part, it's only 15 of them and they are text fields. If you ever need to clear some or all of them, the script below will be a great help! Benefits of the script: makes changes in batches - only takes seconds to run; dry or wet run depending on the switch (see the important note below). This script uses an App-only access rather than Delegated access unlike my other script ( https://365basics.com/powershell-find-and-update-a-string-value-within-all-dynamic-group-membership-rules/ ). If you would like to learn more - https://learn.microsoft.com/en-us/graph/auth/auth-concepts/ Important! This line (#116) of code is responsible for either dry or wet run of the script. I left it commented on purpose and by default. # $UserAdjustments = Invoke-RestMethod @Parameters Technically, you can adjust this script to clear and/or populate any user attributes. #…

If your company benefits from using dynamic groups, then you probably know that feature takes its toll - proper maintenance and updates. It usually happens when there are some organizational changes - updated job titles or another department, just to name a few. The purpose of this script is to take that burden away and make updates at once to every single dynamic group that matches the scope of the adjustment. Benefits and nuances of the script: can find and update any string value - doesn't matter if you update a property name or a property value; saves a CSV log file with all values before and after the update; only takes a few seconds to run and adjust up to 20 groups at once; 20 group number comes from a Graph API Batch limitation, more on that here - https://learn.microsoft.com/en-us/graph/json-batching retains membership rule formatting if you used one, more…