AzureAD
The Azure Active Directory version 2 PowerShell module can be downloaded and installed from the PowerShell Gallery, www.powershellgallery.com. The gallery uses the PowerShellGet module. The PowerShellGet module requires PowerShell 3.0 or newer and requires one of the following operating systems:
Windows 10 Windows 8.1 Pro Windows 8.1 Enterprise Windows 7 SP1 Windows Server 2016 TP5 Windows Server 2012 R2 Windows Server 2008 R2 SP1
PowerShellGet also requires .NET Framework 4.5 or above. You can install .NET Framework 4.5 or above from here. For more information, please refer to this link For more detailed info on installation of the AzureAD cmdlets please see: Azure Active Directory PowerShell version 2.
These are the cmdlets in the Azure Active Directory v2 PowerShell module.
Administrative Units
| Set-AzureADAdministrativeUnit | Updates an administrative unit. |
Applications
| Add-AzureADApplicationOwner | Adds an owner to an application. |
| Get-AzureADApplication | Gets an application. |
| Get-AzureADApplicationExtensionProperty | Gets application extension properties. |
| Get-AzureADApplicationKeyCredential | Gets the key credentials for an application. |
| Get-AzureADApplicationLogo | Retrieve the logo of an application |
| Get-AzureADApplicationOwner | Gets the owner of an application. |
| Get-AzureADApplicationPasswordCredential | Gets the password credential for an application. |
| Get-AzureADApplicationServiceEndpoint | Retrieve the service endpoint of an application |
| Get-AzureADDeletedApplication | Retrieve the deleted applications in the directory |
| New-AzureADApplication | Creates an application. |
| New-AzureADApplicationExtensionProperty | Creates an application extension property. |
| New-AzureADApplicationKeyCredential | Creates a key credential for an application. |
| New-AzureADApplicationPasswordCredential | Creates a password credential for an application. |
| Remove-AzureADApplication | Delete an application by objectId. |
| Remove-AzureADApplicationExtensionProperty | Removes an application extension property. |
| Remove-AzureADApplicationKeyCredential | Removes a key credential from an application. |
| Remove-AzureADApplicationOwner | Removes an owner from an application. |
| Remove-AzureADApplicationPasswordCredential | Removes a password credential from an application. |
| Set-AzureADApplication | Updates an application. |
| Set-AzureADApplicationLogo | Sets the logo for an Application |
Certificate Authorities
| Get-AzureADTrustedCertificateAuthority | Gets the trusted certificate authority. |
| New-AzureADTrustedCertificateAuthority | Creates a trusted certificate authority. |
| Remove-AzureADTrustedCertificateAuthority | Removes a trusted certificate authority. |
| Set-AzureADTrustedCertificateAuthority | Updates a trusted certificate authority. |
Connect to your directory
| Connect-AzureAD | Connects with an authenticated account to use Active Directory cmdlet requests. |
| Disconnect-AzureAD | Disconnects the current session from an Azure Active Directory tenant. |
Contacts
| Get-AzureADContact | Gets a contact from Azure Active Directory. |
| Get-AzureADContactDirectReport | Get the direct reports for a contact. |
| Get-AzureADContactManager | Gets the manager of a contact. |
| Get-AzureADContactMembership | Get a contact membership. |
| Get-AzureADContactThumbnailPhoto | Retrieves the thumbnail photo of a contact |
| Remove-AzureADContact | Removes a contact. |
| Remove-AzureADContactManager | Removes a contact's manager. |
| Select-AzureADGroupIdsContactIsMemberOf | Get groups in which a contact is a member. |
Contracts
| Get-AzureADContract | Gets a contract. |
Deleted Objects
| Restore-AzureADDeletedApplication | Restores a previously deleted application |
Devices
| Add-AzureADDeviceRegisteredOwner | Adds a registered owner for a device. |
| Add-AzureADDeviceRegisteredUser | Adds a registered user for a device. |
| Get-AzureADDevice | Gets a device from Active Directory. |
| Get-AzureADDeviceConfiguration | This cmdlet retrieves the device configuration object |
| Get-AzureADDeviceRegisteredOwner | Gets the registered owner of a device. |
| Get-AzureADDeviceRegisteredUser | Gets a registered user. |
| New-AzureADDevice | Creates a device. |
| Remove-AzureADDevice | Deletes a device. |
| Remove-AzureADDeviceRegisteredOwner | Removes the registered owner of a device. |
| Remove-AzureADDeviceRegisteredUser | Removes a registered user from a device. |
| Set-AzureADDevice | Updates a device. |
Directory
| Get-AzureADSubscribedSku | Gets subscribed SKUs to Microsoft services. |
| Get-AzureADTenantDetail | Gets the details of a tenant. |
| Set-AzureADTenantDetail | Set contact details for a tenant |
Directory Objects
| Get-AzureADObjectByObjectId | Retrieves the object(s) specified by the objectIds parameter |
Directory Roles
| Add-AzureADDirectoryRoleMember | Adds a member to a directory role. |
| Enable-AzureADDirectoryRole | Activates an existing directory role in Azure Active Directory. |
| Get-AzureADDirectoryRole | Gets a directory role. |
| Get-AzureADDirectoryRoleMember | Gets members of a directory role. |
| Get-AzureADDirectoryRoleTemplate | Gets directory role templates. |
| Remove-AzureADDirectoryRoleMember | Removes a member of a directory role. |
Domains
| Confirm-AzureADDomain | Validate the ownership of a domain. |
| Get-AzureADDomain | Gets a domain. |
| Get-AzureADDomainNameReference | This cmdlet retrieves the objects that are referenced by a given domain name |
| Get-AzureADDomainServiceConfigurationRecord | Gets the domain's service configuration records from the serviceConfigurationRecords navigation property. |
| Get-AzureADDomainVerificationDnsRecord | Retrieve the domain verification DNS record for a domain |
| New-AzureADDomain | Creates a domain. |
| Remove-AzureADDomain | Removes a domain. |
| Set-AzureADDomain | Updates a domain. |
Extension Properties
| Get-AzureADExtensionProperty | Gets extension properties registered with Azure AD. |
Groups
| Add-AzureADGroupMember | Adds a member to a group. |
| Add-AzureADGroupOwner | Adds an owner to a group. |
| Get-AzureADGroup | Gets a group. |
| Get-AzureADGroupAppRoleAssignment | Gets a group application role assignment. |
| Get-AzureADGroupMember | Gets a member of a group. |
| Get-AzureADGroupOwner | Gets an owner of a group. |
| New-AzureADGroup | Creates a group. |
| New-AzureADGroupAppRoleAssignment | Assign a group of users to an application role. |
| Remove-AzureADGroup | Removes a group. |
| Remove-AzureADGroupAppRoleAssignment | Delete a group application role assignment. |
| Remove-AzureADGroupMember | Removes a member from a group. |
| Remove-AzureADGroupOwner | Removes an owner from a group. |
| Select-AzureADGroupIdsGroupIsMemberOf | Gets group IDs that a group is a member of. |
| Set-AzureADGroup | Updates a specific group in Azure Active Directory |
OAuth2
| Get-AzureADOAuth2PermissionGrant | Gets OAuth2PermissionGrant entities. |
| Remove-AzureADOAuth2PermissionGrant | Removes an oAuth2PermissionGrant. |
Others
| Add-AzureADAdministrativeUnitMember | Adds an administrative unit member. |
| Add-AzureADApplicationPolicy | Adds an application policy. |
| Add-AzureADScopedRoleMembership | Adds a scoped role membership to an administrative unit. |
| Add-AzureADServicePrincipalPolicy | Adds a service principal policy. |
| Get-AzureADAdministrativeUnit | Gets an administrative unit. |
| Get-AzureADAdministrativeUnitMember | Gets a member of an administrative unit. |
| Get-AzureADApplicationPolicy | Gets an application policy. |
| Get-AzureADDirectorySetting | Gets a directory setting. |
| Get-AzureADDirectorySettingTemplate | Gets a directory setting template. |
| Get-AzureADMSGroup | Gets information about groups in Azure AD. |
| Get-AzureADObjectSetting | Gets an object setting. |
| Get-AzureADPolicy | Gets a policy. |
| Get-AzureADPolicyAppliedObject | Get the objects to which a policy is applied |
| Get-AzureADScopedRoleMembership | Gets a scoped role membership from an administrative unit. |
| Get-AzureADServicePrincipalPolicy | Get the service principal policy |
| New-AzureADAdministrativeUnit | Creates an administrative unit. |
| New-AzureADDirectorySetting | Creates a directory settings object. |
| New-AzureADMSGroup | Creates an Azure AD group. |
| New-AzureADObjectSetting | Creates a settings object. |
| New-AzureADPolicy | Creates a policy. |
| Remove-AzureADAdministrativeUnit | Removes an administrative unit. |
| Remove-AzureADAdministrativeUnitMember | Removes an administrative unit member. |
| Remove-AzureADDirectorySetting | Deletes a directory setting in Azure Active Directory. |
| Remove-AzureADMSGroup | Removes an Azure AD group. |
| Remove-AzureADObjectSetting | Deletes settings in Azure Active Directory. |
| Remove-AzureADPolicy | Removes a policy. |
| Remove-AzureADScopedRoleMembership | Removes a scoped role membership. |
| Set-AzureADDirectorySetting | Updates a directory setting in Azure Active Directory. |
| Set-AzureADMSGroup | Changes attribute values on an Azure AD group. |
| Set-AzureADObjectSetting | Updates object settings. |
| Set-AzureADPolicy | Updates a policy. |
Service Principals
| Add-AzureADServicePrincipalOwner | Adds an owner to a service principal. |
| Get-AzureADServiceAppRoleAssignment | Gets a service principal application role assignment. |
| Get-AzureADServicePrincipal | Gets a service principal. |
| Get-AzureADServicePrincipalCreatedObject | Get objects created by a service principal. |
| Get-AzureADServicePrincipalKeyCredential | Get key credentials for a service principal. |
| Get-AzureADServicePrincipalMembership | Get a service principal membership. |
| Get-AzureADServicePrincipalOAuth2PermissionGrant | Gets an oAuth2PermissionGrant for a service principal. |
| Get-AzureADServicePrincipalOwnedObject | Gets an object owned by a service principal. |
| Get-AzureADServicePrincipalOwner | Get the owner of a service principal. |
| Get-AzureADServicePrincipalPasswordCredential | Get credentials for a service principal. |
| New-AzureADServiceAppRoleAssignment | Assigns a service principal to an application role. |
| New-AzureADServicePrincipal | Creates a service principal. |
| New-AzureADServicePrincipalKeyCredential | Create a new key credential for a service principal |
| New-AzureADServicePrincipalPasswordCredential | Creates a password credential for a service principal. |
| Remove-AzureADServiceAppRoleAssignment | Removes a service principal application role assignment. |
| Remove-AzureADServicePrincipal | Removes a service principal. |
| Remove-AzureADServicePrincipalKeyCredential | Removes a key credential from a service principal. |
| Remove-AzureADServicePrincipalOwner | Removes an owner from a service principal. |
| Remove-AzureADServicePrincipalPasswordCredential | Removes a password credential from a service principal. |
| Select-AzureADGroupIdsServicePrincipalIsMemberOf | Selects the groups in which a service principal is a member. |
| Set-AzureADServicePrincipal | Updates a service principal. |
Users
| Get-AzureADUser | Gets a user. |
| Get-AzureADUserAppRoleAssignment | Get a user application role assignment. |
| Get-AzureADUserCreatedObject | Get objects created by the user. |
| Get-AzureADUserDirectReport | Get the user's direct reports. |
| Get-AzureADUserExtension | Gets a user extension. |
| Get-AzureADUserLicenseDetail | Retrieves license details for a user |
| Get-AzureADUserManager | Gets the manager of a user. |
| Get-AzureADUserMembership | Get user memberships. |
| Get-AzureADUserOAuth2PermissionGrant | Gets an oAuth2PermissionGrant object for a user |
| Get-AzureADUserOwnedDevice | Get registered devices owned by a user. |
| Get-AzureADUserOwnedObject | Get objects owned by a user. |
| Get-AzureADUserRegisteredDevice | Get devices registered by a user. |
| Get-AzureADUserThumbnailPhoto | Retrieve the thumbnail photo of a user |
| New-AzureADMSInvitation | This cmdlet is used to invite a new external user to your directory |
| New-AzureADUser | Creates an AD user. |
| New-AzureADUserAppRoleAssignment | Assigns a user to an application role. |
| Remove-AzureADUser | Removes a user. |
| Remove-AzureADUserAppRoleAssignment | Removes a user application role assignment. |
| Remove-AzureADUserExtension | Removes a user extension. |
| Remove-AzureADUserManager | Removes a user's manager. |
| Revoke-AzureADSignedInUserAllRefreshToken | Invalidates the refresh tokens issued to applications for the current user. |
| Revoke-AzureADUserAllRefreshToken | Invalidates the refresh tokens issued to applications for a user. |
| Select-AzureADGroupIdsUserIsMemberOf | Selects the groups that a user is a member of. |
| Set-AzureADUser | Updates a user. |
| Set-AzureADUserExtension | Sets a user extension. |
| Set-AzureADUserLicense | Adds or removes licenses for a Microsoft online service to the list of assigned licenses for a user. |
| Set-AzureADUserManager | Updates a user's manager. |
| Set-AzureADUserPassword | Sets the password of a user. |
| Set-AzureADUserThumbnailPhoto | Set the thumbnail photo for a user |
| Update-AzureADSignedInUserPassword | Updates the password for the signed-in user. |