The following commands must be run in Windows PowerShell and with the AzureAD Module. Remember to Connect-AzureAD with Global Administrator Privileges first.
# Get SPN based on MSI Display Name
| # Connect to Azure AD Organization as Admin | |
| Connect-AzureAD | |
| #region Part 1 - Azure AD App | |
| # Create a new App Registration for Teams Admin Center | |
| $azureAdApp = New-AzureADApplication -DisplayName "Teams Admin Center API" -ReplyUrls "https://localhost", "urn:ietf:wg:oauth:2.0:oob" | |
| $keyStartDate = "{0:s}" -f (get-date).AddHours(-1) + "Z" | |
| $keyEndDate = "{0:s}" -f (get-date).AddYears(1) + "Z" |
| # Requires Windows PowerShell | |
| # Requires AzureADPreview PowerShell Module | |
| # Connect to Azure AD | |
| Connect-AzureAD | |
| # Get Tenant Detail | |
| $tenant = Get-AzureADTenantDetail | |
| # Get User |
| swagger: '2.0' | |
| info: {title: JanVidarElven Github Connector, description: GitHub API Connector for | |
| JanVidarElven, version: '1.0'} | |
| host: api.github.com | |
| basePath: / | |
| schemes: [https] | |
| consumes: [] | |
| produces: [] | |
| paths: | |
| /repos/{owner}/{repo}/contents/{path}: |
| # Azure AD PowerShell CmdLets for Managing Privileged Roles | |
| # Connect to Azure AD | |
| Connect-AzureAD |
| <# | |
| .SYNOPSIS | |
| This Azure Automation runbook connects to Azure AD with a Service Principal and Connect-AzureAD. | |
| .DESCRIPTION | |
| This Azure Automation runbook connects to Azure AD with a Service Principal and Connect-AzureAD. | |
| It uses an Azure Run As Account connection that must be created before. | |
| You have to import the AzureAD module from the Automation module gallery, if it's not already there. | |
| AUTHOR: Jan Vidar Elven [MVP] |
| <######################################################################################################### | |
| File: New-AadApp.ps1 | |
| Copyright (c) Microsoft Corp 2017. | |
| .SYNOPSIS | |
| Creates a web app in AAD and registers it with the SME gateway. | |
| .DESCRIPTION |
| # AzureAD PowerShell CmdLets to Manage Azure AD App Proxy Connector | |
| # Connect to Azure AD | |
| Connect-AzureAD | |
| # Retrieve Application Proxy Connectors | |
| Get-AzureADApplicationProxyConnector | Select-Object Id, MachineName, ExternalIp, Status | |
| # Get Application Proxy Connectors by Filter | |
| Get-AzureADApplicationProxyConnector -Filter "startswith(MachineName,'ELVEN')" |
| # AzureAD PowerShell CmdLets to Manage Azure AD App Proxy Applications | |
| # Connect to Azure AD | |
| Connect-AzureAD | |
| # Create a new Application Proxy Application with required values | |
| New-AzureADApplicationProxyApplication -DisplayName "Project Honolulu NUC" ` | |
| -ExternalUrl "https://projecthonolulunuc-elven.msappproxy.net/" ` | |
| -InternalUrl "https://ELVEN-NUC-HV1.nuc.group" |
| # Register Azure AD App Proxy Connector | |
| # PS! Using Credential Object cannot be used with MFA enabled administrator accounts, use offline token | |
| $User = "<username of global administrator>" | |
| $PlainPassword = '<password>' | |
| $SecurePassword = $PlainPassword | ConvertTo-SecureString -AsPlainText -Force | |
| $cred = New-Object –TypeName System.Management.Automation.PSCredential –ArgumentList $User, $SecurePassword | |
| Set-Location "C:\Program Files\Microsoft AAD App Proxy Connector" | |
| .\RegisterConnector.ps1 -modulePath "C:\Program Files\Microsoft AAD App Proxy Connector\Modules\" ` |