
Anton Staykov astaykov

  • Microsoft (former Microsoft Azure MVP)
  • Berlin, Germany
  • X @astaykov
Function DeleteUser
{
param(
[String] $token,
[String] $upn
)
$headers = @{"Authorization" = "Bearer $($token)"; "Content-Type" = "application/json"}
$deleteUserUri = "https://graph.windows.net/<your.tenant.domain>/users/$($upn)?api-version=1.5"
$userDeleteResult = Invoke-WebRequest -Uri $deleteUserUri -Headers $headers -Method Delete
$userDeleteResult
}
$errConnections = Get-AzureRmResource -ResourceGroupName RG-Development `
-ResourceType "Microsoft.Web/connections" -ExpandProperties |
Where-Object { $_.Properties.Statuses.Status -eq "Error" }
$errConnections.Count
$errConnections[0].Properties
astaykov / GetAzureVnetGateways.ps1
Last active November 8, 2016 13:18
Get the type of all Azure Virtual Network Gateways in your Azure subscriptions
Login-AzureRmAccount
cls
$subs = Get-AzureRmSubscription
ForEach ($sub in $subs)
{
Write-Host 'ARM: VPN Gateways in subscription' $sub.SubscriptionName '(' $sub.SubscriptionId ')'
Select-AzureRmSubscription -SubscriptionName $sub.SubscriptionName -OutVariable out
$gwr = Find-AzureRmResource -ResourceType "Microsoft.Network/virtualNetworkGateways"
if ( $gwr -ne $null)
{
astaykov / CopyFromMcd.ps1
Created May 2, 2017 08:36
Copy VHDs for VMs in Microsoft Cloud Deutschland to any other Azure location
param(
[String] $destinationUri = "https://[YOUR STORAGE ACCOUNT NAME].blob.core.windows.net/vhds",
[String] $destinationKey = "[YOUR STORAGE ACCOUNT KEY]",
[String] $sourceAccountPattern = "*disk*",
[String] $pathToAzCopy = "C:\Program Files (x86)\Microsoft SDKs\Azure\AzCopy\AzCopy.exe"
)
clear
Login-AzureRmAccount -EnvironmentName AzureGermanCloud
$storageAccounts = Get-AzureRmStorageAccount
astaykov / LDAP_Sample_Queries
Created November 29, 2019 10:01
LDAP queries
// basically gets all data about organization
ldapsearch -x -h fqdn.of.the.domain -D "upn" -w "password" -b 'dc=idcxp,dc=site'
// get data about single user object
// make sure you get the DN correct
ldapsearch -x -h fqdn.of.the.domain -D "upn" -w "password" -b 'CN=bdm-user bdmou,OU=AADDC Users,DC=idcxp,DC=site'
#!/bin/bash
function check_directory_dependencies() {
echo "Checking for graph extension on Azure CLI..."
echo "--------------------------------------------"
PATTERN='resource-graph'
string=$(az extension list | grep 'resource-graph')
if [[ $string == *"resource-graph"* ]];
then
# az extension update --name resource-graph
echo 'Graph extension is already installed...'
astaykov / httpsig-in-postman-pre-request-script.js
Last active May 6, 2020 14:29 — forked from DinoChiesa/httpsig-in-postman-pre-request-script.js
pre-request script for Postman, to perform HttpSignature calculation. Also SHA-256 message digest.
function computeHttpSignature(config, headerHash) {
var template = 'keyId="${keyId}",algorithm="${algorithm}",headers="${headers}",signature="${signature}"',
sig = template;
// compute sig here
var signingBase = '';
config.headers.forEach(function(h){
if (signingBase !== '') { signingBase += '\n'; }
signingBase += h.toLowerCase() + ": " + headerHash[h];
});
astaykov / AddEmailVerifiedToIdTokensInAAD.ps1
Created June 19, 2020 08:12
Adding claims mapping policy for Azure AD to emit email_verified claim
Connect-AzureAD -Confirm
Import-Module AzureADPreview
$appID = "...guid-of-the-AppID..."
$policyName = "Add email_verified to claims"
$sp = Get-AzureADServicePrincipal -Filter "servicePrincipalNames/any(n: n eq '$appID')"
$existingPolicies = Get-AzureADServicePrincipalPolicy -Id $sp.ObjectId `
| Where-Object { $_.Type -eq "ClaimsMappingPolicy" }
astaykov / AuditAzureADB2C.ps1
Last active September 4, 2020 09:11
Take out number of authentications and number of active users from Azure AD B2C for the last 7 days
## Use this script to quickly analyse your current Azure AD B2C Tenant
## Please use cloud only user (Global Admin) local to your B2C tenant
## This script uses Azure AD PowerShell for MS Graph + Azure AD PowerShell for Graph preview modules
## https://docs.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0
## https://docs.microsoft.com/en-us/powershell/azure/active-directory/overview?view=azureadps-2.0-preview
## You must have both the modules to run this script
## The information is based on the Audit Logs of Azure AD B2C, which is only there for 7 days
## If you need to query data for more than 7 days, then you must export your Azure AD B2C Audit Logs
## Read More about how to export Azure AD B2C Audit Logs to Log Analytics Workspace:
## https://docs.microsoft.com/en-us/azure/active-directory-b2c/azure-monitor
Connect-AzureAD
$roles = Get-AzureADDirectoryRole
foreach ($role in $roles)
{
$members = Get-AzureADDirectoryRoleMember -ObjectId $role.ObjectId
Write-Host "--- Service Principals members of " $role.DisplayName " ---"
foreach ($member in $members)
{
if($member.ObjectType -eq "ServicePrincipal")
{