This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Adding Service Principal (Application) to greater security groups | |
https://support.microsoft.com/en-us/kb/3004133 |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function GetToken | |
{ | |
param( | |
[String] $authority = "https://login.microsoftonline.com/lab09.onmicrosoft.com/oauth2/token", | |
[String] $clientId = "0bc190c9-e84e-4df3-9ef8-xyxyxyxyxyxyxyx", | |
[String] $clientSecret = "RJ30qUKSyRMhLICJRsqxxxCX01yyUMeF8xxyoo9xL7ltY=", | |
[String] $resourceId = "https%3a%2f%2fgraph.windows.net" | |
) | |
$body = "grant_type=client_credentials&resource=$($resourceId)&client_id=$($clientId)&client_secret=$($clientSecret)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function GetToken | |
{ | |
param( | |
[String] $authority = "https://login.microsoftonline.com/lab09.onmicrosoft.com/oauth2/token", | |
[String] $clientId = "<your_client_id_here>", | |
[String] $clientSecret = "<client_secret>", | |
[String] $resourceId = "https%3a%2f%2fgraph.windows.net" | |
) | |
$body = "grant_type=client_credentials&resource=$($resourceId)&client_id=$($clientId)&client_secret=$($clientSecret)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function GetToken | |
{ | |
param( | |
[String] $authority = "https://login.microsoftonline.com/<your_tenant>/oauth2/token", | |
[String] $clientId = "<client_id>", | |
[String] $clientSecret = "<client_secret>", | |
[String] $resourceId = "https%3a%2f%2fgraph.windows.net" | |
) | |
$body = "grant_type=client_credentials&resource=$($resourceId)&client_id=$($clientId)&client_secret=$($clientSecret)" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function UpdateUser | |
{ | |
param( | |
[String] $token | |
) | |
$headers = @{"Authorization" = "Bearer $($token)"; "Content-Type" = "application/json"} | |
$updateUserUri = "https://graph.windows.net/dayzure.onmicrosoft.com/users/maxm@dayzure.onmicrosoft.com?api-version=1.5" | |
$updateBody = @" | |
{ | |
"department":"Super Devs" |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Connect-MsolService | |
# Get Service Principal to add the role to | |
$sp = Get-MsolServicePrincipal -ServicePrincipalName "<URI_OF_YOUR_AZURE_AD_APP>" | |
# Get role object ID | |
# Alternatively, you can list all the roles (in order to get a different role name) using just `Get-MsolRole` | |
$roleId = (Get-MsolRole -RoleName "Company Administrators").ObjectId | |
# Add role to service principal |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Function DeleteUser | |
{ | |
param( | |
[String] $token, | |
[String] $upn | |
) | |
$headers = @{"Authorization" = "Bearer $($token)"; "Content-Type" = "application/json"} | |
$deleteUserUri = "https://graph.windows.net/<your.tenant.domain>/users/$($upn)?api-version=1.5" | |
$userDeleteResult = Invoke-WebRequest -Uri $deleteUserUri -Headers $headers -Method Delete | |
$userDeleteResult |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
%windir%\system32\inetsrv\appcmd set config -section:applicationPools -applicationPoolDefaults.enable32BitAppOnWin64:true |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
[AllowAnonymous] | |
[ValidateInput(false)] | |
public class AcsResponseController : Controller | |
{ | |
public ActionResult Index() | |
{ | |
if (ControllerContext.HttpContext.Request.Form["wresult"] != null) | |
{ | |
// This is a response from the ACS - you can further inspect the message if you will | |
SignInResponseMessage message = |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Add-AzureAccount | |
Set-AzureSubscription "[Your Subscription Name]" -CurrentStorageAccountName "[StorageAccount_for_VHDs]" | |
$adminPassword = "Super_Secret_Password!" | |
$images = Get-AzureVMImage | where {$_.Label -match "Windows Server 2012 R2"} | |
$vmImage = $images[2] | |
$dnsServerLocal = New-AzureDns –Name "NameResolver" –IPAddress "127.0.0.1" | |
New-AzureVMConfig -Name "NameResolver" -InstanceSize Large -ImageName $vmImage.ImageName ` | | |
Add-AzureProvisioningConfig –Windows –Password $adminPassword -AdminUsername "astaykov" ` | | |
Set-AzureSubnet "NSNet" ` | |