获取所有应用程序代理应用并按连接器组列出

  • 项目

在该 PowerShell 脚本示例中,可找到分配了应用程序的所有 Microsoft Entra 专用网络连接器组的相关信息。

如果没有 Azure 订阅,请在开始之前创建一个 Azure 免费帐户

注意

建议使用 Azure Az PowerShell 模块与 Azure 交互。 请参阅安装 Azure PowerShell 以开始使用。 若要了解如何迁移到 Az PowerShell 模块,请参阅 将 Azure PowerShell 从 AzureRM 迁移到 Az

此示例需要 Microsoft Graph Beta PowerShell 模块 2.10 或更高版本。

示例脚本

# This sample script gets all Microsoft Entra private network connector groups with the assigned applications.
#
# Version 1.0
#
# This script requires PowerShell 5.1 (x64) or beyond and one of the following modules:
#
# Microsoft.Graph.Beta ver 2.10 or newer
#
# Before you begin:
#    
#    Required Microsoft Entra role: Global Administrator or Application Administrator or Application Developer 
#    or appropriate custom permissions as documented https://learn.microsoft.com/en-us/azure/active-directory/roles/custom-enterprise-app-permissions
#
# 

Import-Module Microsoft.Graph.Beta.Applications

Connect-MgGraph -Scope Directory.Read.All -NoWelcome

Write-Host "Reading service principals. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green" 

$aadapServPrinc = Get-MgBetaServicePrincipal -Top 100000 | where-object {$_.Tags -Contains "WindowsAzureActiveDirectoryOnPremApp"}

Write-Host "Reading Microsoft Entra applications. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"

$allApps = Get-MgBetaApplication -Top 100000

Write-Host "Reading application. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"

$aadapApp = $aadapServPrinc | ForEach-Object {$allApps.AppId -match $_.AppId}
 
Write-Host "Reading connector groups. This operation might take longer..." -BackgroundColor "Black" -ForegroundColor "Green"

$aadapConnectorGroups= Get-MgBetaOnPremisePublishingProfileConnectorGroup -OnPremisesPublishingProfileId "applicationProxy" -Top 100000 

Write-Host "Displaying connector groups and assigned applications..." -BackgroundColor "Black" -ForegroundColor "Green"
Write-Host " "

foreach ($item in $aadapConnectorGroups)
 {
  
   If ($item.ConnectorGroupType -eq "applicationProxy")
    {  
        "Connector group: " + $item.Name + " (Id: " + $item.Id+ ") - Region: " + $item.Region;
          
        $assignedApps= Get-MgBetaOnPremisePublishingProfileConnectorGroupApplication -ConnectorGroupId $item.Id -OnPremisesPublishingProfileId "applicationProxy";
    
        " "; 

        foreach ($item2 in $assignedApps)
         {
           
           $Item2.DisplayName + " (AppId: " + $item2.AppId+ ")"
         } 
    
    " ";
       
    }
           
 }   

Write-Host ("")
Write-Host ("Finished.") -BackgroundColor "Black" -ForegroundColor "Green"
Write-Host "To disconnect from Microsoft Graph, please use the Disconnect-MgGraph cmdlet."

脚本说明

Command 说明
Connect-MgGraph 连接到 Microsoft Graph
Get-MgBetaServicePrincipal 获取服务主体
Get-MgBetaApplication 获取企业应用程序
Get-MgBetaOnPremisePublishingProfileConnectorGroup 获取连接器组
Get-MgBetaOnPremisePublishingProfileConnectorGroupApplication 获取分配给连接器组的应用程序

后续步骤