How to Connect to Azure AD using PowerShell?
Requirement: Connect to Azure AD with PowerShell.
How to Connect to Azure Active Directory using PowerShell?
Azure Active Directory (Azure AD) is Microsoft’s cloud-based identity and access management service. Azure AD allows you to manage user identities and access rights to your applications, whether on-premises or in the cloud. With the Power of PowerShell, we can automate tasks, access settings that are not available in the web user interface, Filter and query data, generate reports, make configuration changes to the objects, etc. This blog post will show you how to connect to Azure AD using PowerShell and demonstrate some of the basics of working with Azure AD for Office 365 using PowerShell!
Step 1: Install the Azure AD PowerShell Module
To start with Azure AD PowerShell, You have to install the Microsoft Azure Active Directory module on your local computer. To check if you have the Azure AD PowerShell module already installed, use:
Get-Module AzureAD -ListAvailable
You can also use the “Get-InstalledModule” cmdlet to get a list of installed modules on your local computer.
Assuming you have an x64 bit operating system at least Windows 7 Sp1/Windows Server 2008 R2 SP1 or later, And have at least a PowerShell version 5.1 installed (Check your current PowerShell version with the command: $PSVersionTable.PSVersion) on your computer, here are the steps to install the AzureAD PowerShell module:
- Type “PowerShell” from the start menu >> Right-click on Windows PowerShell and choose “Run as administrator”
- Type “Install-Module AzureAD” and hit Enter.
- You’ll be asked to confirm the installation from the PSGallery. Type “A” to select “Yes to All” and hit the Enter key.
Install-Module -Name AzureAD
This will download and install the PowerShell module for Azure Active Directory to your local computer. (AKA: Azure Active Directory PowerShell for Graph)
To update the existing Azure AD module to the latest version, run the following command as admin:
Update-Module -Name AzureAD
Step 2: Connect to Azure AD using Connect-AzureAD cmdlet
The next step is to connect to Azure AD from PowerShell. Type Connect-AzureAD cmdlet and hit the enter key. You’ll be prompted to login to Azure AD, which is Multi-factor authentication (MFA) aware. Ensure you have administrator access to Azure Active Directory before executing these cmdlets.
You can also get the credentials prompt to enter the username and password of an admin account and connect to Azure AD:
Connect-AzureAD -Credential (Get-Credential)
There are more parameters you can pass to the above cmdlet, such as TenantID, AccountID (UserPrincipleName), etc. How about connecting with a saved user name and password?
#Parameter
$AdminUserName = "Steve@crescent.com"
$AdminPassword = "Password goes here"
#Variable for Pscredential object
$SecurePassword = ConvertTo-SecureString $AdminPassword -AsPlainText -Force
$Credential = New-Object System.Management.Automation.PSCredential -argumentlist $AdminUserName, $SecurePassword
#Connect to Azure Active Directory
Connect-AzureAD –Credential $Credential
But the above two methods don’t support two-factor authentication!
Step 3: Start using cmdlets from Azure AD PowerShell Module.
Once connected, you can start using PowerShell cmdlets available for Azure AD to interact with your tenant. To get all cmdlets from the AzureAD module, use:
Get-Command -Module AzureAD
This will list all PowerShell cmdlets for Azure AD
The Azure AD PowerShell Module allows us to manage users and groups, applications, and domains on Office 365 and Azure with activities such as automating tasks, generate reports, export data, Performing bulk operations, etc. The Azure AD PowerShell module can be installed in client operating systems such as Windows 10 or Server operating systems like Windows 2016.
Once connected, You can start using the cmdlets in your PowerShell script, such as: To list all users in your tenant, use:
Get-AzureADUser
To disconnect from Azure in your PowerShell session, run the below command:
Disconnect-AzureAD
How to Install the AzureADPreview module?
The azureADPreview module is where new updates are shipped first. E.g., the cmdlet Get-AzureADAuditSignInLogs is available only in the Azure AD Preview module as of today. To install the preview version of the module, you can replace the module name with AzureADPreview in the Install-Module cmdlet.
Install-Module -Name AzureADPreview
Install Azure AD PowerShell Module V1
For some backward compatibility, If you need the V1 of the Azure AD PowerShell module (AKA: MSOnline), here is how to install and connect to Microsoft Azure Active Directory with Connect-MSOLService cmdlet:
#Install the MSOnline Module
Install-Module -Name MSOnline
#Connect to Azure Active Directory
Connect-MsolService
#Start executing cmdlets
Get-MsolUser
To connect to Exchange Online with PowerShell, you need to first install the PowerShell Module for Exchange Online Management using “Install-Module ExchangeOnlineManagement”. And then, you can connect to Exchange Online using the Connect-ExchangeOnline cmdlet.
More info: Connect to Exchange Online PowerShell
First, you must download and install the SharePoint Online Management Shell or PowerShell Module. Then you can connect to SharePoint Online through PowerShell using the Connect-SPOService cmdlet.
More info: Connect to SharePoint Online PowerShell
Connecting to teams from PowerShell is a two-step process: First, Install Microsoft Teams PowerShell Module using “Install-Module MicrosoftTeams”. Next, Connect to Microsoft Teams using the PowerShell cmdlet “Connect-MicrosoftTeams”.
More info: Connect to Teams PowerShell
To connect to Azure AD PowerShell with MFA, first, you must install the Azure AD PowerShell module. Then, you can connect to Azure AD PowerShell using the Connect-AzureAD cmdlet. Leave the -Credential parameter to authenticate with MFA. A step-by-step guide can be found in this article!
Hi,
To connect with MFA enabled account, just enter Connect-AzureAD without any switches. You’ll be prompted for logon details and MFA with the usual GUI.