Azure Active Directory V2 PowerShell module

Description

The Azure Active Directory version 2 PowerShell module can be downloaded and installed from the PowerShell Gallery, www.powershellgallery.com. The gallery uses the PowerShellGet module.

The PowerShellGet module requires PowerShell 3.0 or newer.

Therefore, PowerShellGet requires one of the following operating systems:

Windows 10 Windows 8.1 Pro Windows 8.1 Enterprise Windows 7 SP1 Windows Server 2016 TP5 Windows Server 2012 R2 Windows Server 2008 R2 SP1

PowerShellGet also requires .NET Framework 4.5 or above. You can install .NET Framework 4.5 or above from here.

For more information, please refer to this link

For more detailed info on installation of the AzureAD cmdlets please see: Azure Active Directory PowerShell version 2.

These are the cmdlets in the Azure Active Directory v2 PowerShell module.

Administrative Units

Add-AzureADAdministrativeUnitMember

Adds an administrative unit member.

Add-AzureADScopedRoleMembership

Adds a scoped role membership to an administrative unit.

Get-AzureADAdministrativeUnit

Gets an administrative unit.

Get-AzureADAdministrativeUnitMember

Gets a member of an administrative unit.

Get-AzureADScopedRoleMembership

Gets a scoped role membership from an administrative unit.

New-AzureADAdministrativeUnit

Creates an administrative unit.

Remove-AzureADAdministrativeUnit

Removes an administrative unit.

Remove-AzureADAdministrativeUnitMember

Removes an administrative unit member.

Remove-AzureADScopedRoleMembership

Removes a scoped role membership.

Set-AzureADAdministrativeUnit

Updates an administrative unit.

Applications

Add-AzureADApplicationOwner

Adds an owner to an application.

Add-AzureADApplicationPolicy

Adds an application policy.

Get-AzureADApplication

Gets an application.

Get-AzureADApplicationExtensionProperty

Gets application extension properties.

Get-AzureADApplicationKeyCredential

Gets the key credentials for an application.

Get-AzureADApplicationLogo

Retrieve the logo of an application

Get-AzureADApplicationOwner

Gets the owner of an application.

Get-AzureADApplicationPasswordCredential

Gets the password credential for an application.

Get-AzureADApplicationPolicy

Gets an application policy.

Get-AzureADApplicationServiceEndpoint

Retrieve the service endpoint of an application

Get-AzureADDeletedApplication

Retrieve the deleted applications in the directory

New-AzureADApplication

Creates an application.

New-AzureADApplicationExtensionProperty

Creates an application extension property.

New-AzureADApplicationKeyCredential

Creates a key credential for an application.

New-AzureADApplicationPasswordCredential

Creates a password credential for an application.

Remove-AzureADApplication

Delete an application by objectId.

Remove-AzureADApplicationExtensionProperty

Removes an application extension property.

Remove-AzureADApplicationKeyCredential

Removes a key credential from an application.

Remove-AzureADApplicationOwner

Removes an owner from an application.

Remove-AzureADApplicationPasswordCredential

Removes a password credential from an application.

Restore-AzureADDeletedApplication

Restores a previously deleted application

Set-AzureADApplication

Updates an application.

Set-AzureADApplicationLogo

Sets the logo for an Application

Devices

Add-AzureADDeviceRegisteredOwner

Adds a registered owner for a device.

Add-AzureADDeviceRegisteredUser

Adds a registered user for a device.

Get-AzureADDevice

Gets a device from Active Directory.

Get-AzureADDeviceConfiguration

This cmdlet retrieves the device configuration object

Get-AzureADDeviceRegisteredOwner

Gets the registered owner of a device.

Get-AzureADDeviceRegisteredUser

Gets a registered user.

New-AzureADDevice

Creates a device.

Remove-AzureADDevice

Deletes a device.

Remove-AzureADDeviceRegisteredOwner

Removes the registered owner of a device.

Remove-AzureADDeviceRegisteredUser

Removes a registered user from a device.

Set-AzureADDevice

Updates a device.

Directory Roles

Add-AzureADDirectoryRoleMember

Adds a member to a directory role.

Enable-AzureADDirectoryRole

Activates an existing directory role in Azure Active Directory.

Get-AzureADDirectoryRole

Gets a directory role.

Get-AzureADDirectoryRoleMember

Gets members of a directory role.

Get-AzureADDirectoryRoleTemplate

Gets directory role templates.

Remove-AzureADDirectoryRoleMember

Removes a member of a directory role.

Groups

Add-AzureADGroupMember

Adds a member to a group.

Add-AzureADGroupOwner

Adds an owner to a group.

Get-AzureADGroup

Gets a group.

Get-AzureADGroupAppRoleAssignment

Gets a group application role assignment.

Get-AzureADGroupMember

Gets a member of a group.

Get-AzureADGroupOwner

Gets an owner of a group.

Get-AzureADMSGroup

Gets information about groups in Azure AD.

New-AzureADGroup

Creates a group.

New-AzureADGroupAppRoleAssignment

Assign a group of users to an application role.

New-AzureADMSGroup

Creates an Azure AD group.

Remove-AzureADGroup

Removes a group.

Remove-AzureADGroupAppRoleAssignment

Delete a group application role assignment.

Remove-AzureADGroupMember

Removes a member from a group.

Remove-AzureADGroupOwner

Removes an owner from a group.

Remove-AzureADMSGroup

Removes an Azure AD group.

Select-AzureADGroupIdsContactIsMemberOf

Get groups in which a contact is a member.

Select-AzureADGroupIdsGroupIsMemberOf

Gets group IDs that a group is a member of.

Select-AzureADGroupIdsServicePrincipalIsMemberOf

Selects the groups in which a service principal is a member.

Select-AzureADGroupIdsUserIsMemberOf

Selects the groups that a user is a member of.

Set-AzureADGroup

Updates a specific group in Azure Active Directory

Set-AzureADMSGroup

Changes attribute values on an Azure AD group.

Service Principals

Add-AzureADServicePrincipalOwner

Adds an owner to a service principal.

Add-AzureADServicePrincipalPolicy

Adds a service principal policy.

Get-AzureADServiceAppRoleAssignment

Gets a service principal application role assignment.

Get-AzureADServicePrincipal

Gets a service principal.

Get-AzureADServicePrincipalCreatedObject

Get objects created by a service principal.

Get-AzureADServicePrincipalKeyCredential

Get key credentials for a service principal.

Get-AzureADServicePrincipalMembership

Get a service principal membership.

Get-AzureADServicePrincipalOAuth2PermissionGrant

Gets an oAuth2PermissionGrant for a service principal.

Get-AzureADServicePrincipalOwnedObject

Gets an object owned by a service principal.

Get-AzureADServicePrincipalOwner

Get the owner of a service principal.

Get-AzureADServicePrincipalPasswordCredential

Get credentials for a service principal.

Get-AzureADServicePrincipalPolicy

Get the service principal policy

New-AzureADServiceAppRoleAssignment

Assigns a service principal to an application role.

New-AzureADServicePrincipal

Creates a service principal.

New-AzureADServicePrincipalKeyCredential

Create a new key credential for a service principal

New-AzureADServicePrincipalPasswordCredential

Creates a password credential for a service principal.

Remove-AzureADServiceAppRoleAssignment

Removes a service principal application role assignment.

Remove-AzureADServicePrincipal

Removes a service principal.

Remove-AzureADServicePrincipalKeyCredential

Removes a key credential from a service principal.

Remove-AzureADServicePrincipalOwner

Removes an owner from a service principal.

Remove-AzureADServicePrincipalPasswordCredential

Removes a password credential from a service principal.

Set-AzureADServicePrincipal

Updates a service principal.

Domains

Confirm-AzureADDomain

Validate the ownership of a domain.

Get-AzureADDomain

Gets a domain.

Get-AzureADDomainNameReference

This cmdlet retrieves the objects that are referenced by a given domain name

Get-AzureADDomainServiceConfigurationRecord

Gets the domain's service configuration records from the serviceConfigurationRecords navigation property.

Get-AzureADDomainVerificationDnsRecord

Retrieve the domain verification DNS record for a domain

New-AzureADDomain

Creates a domain.

Remove-AzureADDomain

Removes a domain.

Set-AzureADDomain

Updates a domain.

Connect your PowerShell session

Connect-AzureAD

Connects with an authenticated account to use Active Directory cmdlet requests.

Disconnect-AzureAD

Disconnects the current session from an Azure Active Directory tenant.

Contacts

Get-AzureADContact

Gets a contact from Azure Active Directory.

Get-AzureADContactDirectReport

Get the direct reports for a contact.

Get-AzureADContactManager

Gets the manager of a contact.

Get-AzureADContactMembership

Get a contact membership.

Get-AzureADContactThumbnailPhoto

Retrieves the thumbnail photo of a contact

Remove-AzureADContact

Removes a contact.

Remove-AzureADContactManager

Removes a contact's manager.

Contracts

Get-AzureADContract

Gets a contract.

Directory Settings

Get-AzureADDirectorySetting

Gets a directory setting.

Get-AzureADDirectorySettingTemplate

Gets a directory setting template.

New-AzureADDirectorySetting

Creates a directory settings object.

Remove-AzureADDirectorySetting

Deletes a directory setting in Azure Active Directory.

Set-AzureADDirectorySetting

Updates a directory setting in Azure Active Directory.

Extension Properties

Get-AzureADExtensionProperty

Gets extension properties registered with Azure AD.

OAuth2PermissionGrant

Get-AzureADOAuth2PermissionGrant

Gets OAuth2PermissionGrant entities.

Remove-AzureADOAuth2PermissionGrant

Removes an oAuth2PermissionGrant.

Directory Objects

Get-AzureADObjectByObjectId

Retrieves the object(s) specified by the objectIds parameter

Get-AzureADObjectSetting

Gets an object setting.

New-AzureADObjectSetting

Creates a settings object.

Remove-AzureADObjectSetting

Deletes settings in Azure Active Directory.

Set-AzureADObjectSetting

Updates object settings.

Policies

Get-AzureADPolicy

Gets a policy.

Get-AzureADPolicyAppliedObject

Get the objects to which a policy is applied

New-AzureADPolicy

Creates a policy.

Remove-AzureADPolicy

Removes a policy.

Set-AzureADPolicy

Updates a policy.

Licenses

Get-AzureADSubscribedSku

Gets subscribed SKUs to Microsoft services.

Tenant information

Get-AzureADTenantDetail

Gets the details of a tenant.

Set-AzureADTenantDetail

Set contact details for a tenant

Certificates

Get-AzureADTrustedCertificateAuthority

Gets the trusted certificate authority.

New-AzureADTrustedCertificateAuthority

Creates a trusted certificate authority.

Remove-AzureADTrustedCertificateAuthority

Removes a trusted certificate authority.

Set-AzureADTrustedCertificateAuthority

Updates a trusted certificate authority.

Users

Get-AzureADUser

Gets a user.

Get-AzureADUserAppRoleAssignment

Get a user application role assignment.

Get-AzureADUserCreatedObject

Get objects created by the user.

Get-AzureADUserDirectReport

Get the user's direct reports.

Get-AzureADUserExtension

Gets a user extension.

Get-AzureADUserLicenseDetail

Retrieves license details for a user

Get-AzureADUserManager

Gets the manager of a user.

Get-AzureADUserMembership

Get user memberships.

Get-AzureADUserOAuth2PermissionGrant

Gets an oAuth2PermissionGrant object for a user

Get-AzureADUserOwnedDevice

Get registered devices owned by a user.

Get-AzureADUserOwnedObject

Get objects owned by a user.

Get-AzureADUserRegisteredDevice

Get devices registered by a user.

Get-AzureADUserThumbnailPhoto

Retrieve the thumbnail photo of a user

New-AzureADUser

Creates an AD user.

New-AzureADUserAppRoleAssignment

Assigns a user to an application role.

Remove-AzureADUser

Removes a user.

Remove-AzureADUserAppRoleAssignment

Removes a user application role assignment.

Remove-AzureADUserExtension

Removes a user extension.

Remove-AzureADUserManager

Removes a user's manager.

Revoke-AzureADSignedInUserAllRefreshToken

Invalidates the refresh tokens issued to applications for the current user.

Revoke-AzureADUserAllRefreshToken

Invalidates the refresh tokens issued to applications for a user.

Set-AzureADUser

Updates a user.

Set-AzureADUserExtension

Sets a user extension.

Set-AzureADUserLicense

Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user.

Set-AzureADUserManager

Updates a user's manager.

Set-AzureADUserPassword

Sets the password of a user.

Set-AzureADUserThumbnailPhoto

Set the thumbnail photo for a user

Update-AzureADSignedInUserPassword

Updates the password for the signed-in user.

New-AzureADMSInvitation

This cmdlet is used to invite a new external user to your directory