Accessing Azure AD in PowerShell
Microsoft Azure Active Directory (Azure AD) is a cloud-based identity and access management service that provides authentication and authorization for applications, services, and users. As a PowerShell enthusiast, understanding how to interact with Azure AD using PowerShell is essential. In this article, we’ll explore the basics of accessing Azure AD, managing users, and performing common tasks.
Prerequisites
Before we begin, ensure you have the following prerequisites:
1. Azure Account: You’ll need an active Azure subscription. If you don’t have one, sign up for a free account at [Azure Portal](https://portal.azure.com/).
2. Azure AD PowerShell Module: Install the Azure AD PowerShell module. Open PowerShell as an administrator and run the following command:
Install-Module AzureAD
Connecting to Azure AD
1. Open PowerShell: Launch PowerShell on your machine.
2. Connect to Azure AD:
– Run the following command to sign in to your Azure account:
Connect-AzureAD
– You’ll be prompted to sign in using your Azure credentials. Enter your username and password.
– Once authenticated, you’re connected to your Azure AD tenant.
Listing Users
To retrieve a list of users in your Azure AD, use the following command:
Get-AzureADUser
This command fetches all user objects along with their properties.
Creating a New User
To create a new user, use the `New-AzureADUser` cmdlet. For example:
New-AzureADUser -UserPrincipalName “john.doe@contoso.com” -DisplayName “John Doe” -Password “P@ssw0rd”
Replace the values with your desired username, display name, and password.
Assigning Licenses
Assign licenses to users using the `Set-AzureADUserLicense` cmdlet. For instance:
Set-AzureADUserLicense -ObjectId <UserObjectId> -AssignedLicenses @{“<LicenseSKU>”=”True”}
Replace `<UserObjectId>` with the actual user’s object ID and `<LicenseSKU>` with the specific license SKU (e.g., “ENTERPRISEPACK”).
Resetting User Passwords
Reset a user’s password using the `Set-AzureADUserPassword` cmdlet:
Set-AzureADUserPassword -ObjectId <UserObjectId> -NewPassword “NewP@ssw0rd”
Managing Groups
Create and manage groups with the `New-AzureADGroup`, `Add-AzureADGroupMember`, and `Remove-AzureADGroupMember` cmdlets.
Remember to save your scripts securely and follow best practices for managing credentials. Happy scripting! 🌟