jameswestall
/ AzureAD-AccessPackages.ps1
Created
September 29, 2020 09:58
Create Access Packages within Azure AD & assign resource access.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Fastest way to get one of these is to export your token from Graph Explorer. | |
| # Using a custom application registration requires Graph API permission approval & scopes request using an ROPC flow https://docs.microsoft.com/en-us/azure/active-directory/develop/v2-oauth-ropc | |
| $graphToken = "SuperLongBase64EncodedJWT-BearerToken" | |
| #Access Package Details | |
| $accessPackageName = "my-access-package" | |
| $accessPackageDescription = "This package contains resources for B2B" | |
| $resourceCatalogName = "General" #This can be updated to use other catalogues. This script does not create catalogs. | |
| #Array of access Access package resources - This example only an AAD Group and the Azure Devops Enterprise app. |
jameswestall
/ AzureAD-DynamicAdminUnit.ps1
Created
August 21, 2020 00:37
Update Membership of Admin Unit based on Dynamic Group Membership
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| try{ | |
| Import-Module AzureADPreview -AllowClobber | |
| }catch{ | |
| Install-Module AzureADPreview | |
| } | |
| Connect-AzureAD | |
| $myAdminUnit = Get-AzureADAdministrativeUnit -Filter "displayname eq 'Blog - Demo Admin Unit'" | |
| $adminUnitMembers = Get-AzureADAdministrativeUnitMember -ObjectId $myAdminUnit.ObjectId | |
| Get-AzureADAdministrativeUnitMember -ObjectId $myAdminUnit.ObjectId | Get-AzureADUser #check user membership before |
jameswestall
/ gist:d4fb531a05362284406a80f16d9ab672
Last active
August 6, 2020 12:56
Azure Devops Provider Bug
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 2020/08/06 22:52:49 [INFO] Terraform version: 0.12.29 | |
| 2020/08/06 22:52:49 [INFO] Go runtime version: go1.13.14 | |
| 2020/08/06 22:52:49 [INFO] CLI args: []string{"/usr/local/bin/terraform", "apply", "-auto-approve", "-var=backend_storage_account_name=jwdemoafstate"} | |
| 2020/08/06 22:52:49 [DEBUG] Attempting to open CLI config file: /Users/james/.terraformrc | |
| 2020/08/06 22:52:49 [DEBUG] File doesn't exist, but doesn't need to. Ignoring. | |
| 2020/08/06 22:52:49 [INFO] CLI command args: []string{"apply", "-auto-approve", "-var=backend_storage_account_name=jwdemoafstate"} | |
| 2020/08/06 22:52:49 [TRACE] Meta.Backend: built configuration for "azurerm" backend with hash value 1983920158 | |
| 2020/08/06 22:52:49 [TRACE] Preserving existing state lineage "437042ab-776d-bd37-ff95-1dc13449eb45" | |
| 2020/08/06 22:52:49 [TRACE] Preserving existing state lineage "437042ab-776d-bd37-ff95-1dc13449eb45" | |
| 2020/08/06 22:52:49 [TRACE] Meta.Backend: working directory was previously initialized for "azurerm" backend |
jameswestall
/ OktaServicePowershell.ps1
Last active
January 9, 2020 05:32
Provision an Okta Agent Service Account for AD.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Quick and easy File to write output to - A Lazy mans logging | |
| Start-Transcript ./Okta-ServiceAccountConfig.log | |
| #I would like an AD module please | |
| Import-Module ActiveDirectory | |
| #Basic Details for the Service Account & Domain. | |
| $serviceAccountName = "svcOktaAgent" | |
| $serviceAccountUsername = "svcOktaAgent" | |
| $serviceAccountDescription = "svcOktaAgent - Okta AD Agent Service" |