Jorge's Quest For Knowledge!

All About Identity And Security On-Premises And In The Cloud – It's Just Like An Addiction, The More You Have, The More You Want To Have!

(2016-10-16) Azure AD PowerShell v2.0 CMDlets Are In Public Preview

Posted by Jorge on 2016-10-16

Since a few days the new Azure AD PowerShell v2.0 CMDlets are in public preview!

Eventually the new Azure AD CMDlets will replace the existing MSOLINE CMDlets. So, if you have tasks, scripts, whatever running that use the old CMDlets, make sure to start transitioning to the new CMDlets! Did you know you require at least PowerShell v5.0 to use this new PowerShell module? Well, you do know and you can get PowerShell v5.0 from here!

Assuming your server has internet connectivity, execute (also see the PowerShell Gallery:

Install-Module -Name AzureADPreview

One of the key features of the new module is a close alignment of the PowerShell functionality with the Graph API capabilities. We are also moving towards a faster and more agile release process for new or updated functionality of these CMDlets. The new PowerShell CMDlets already provide more functionality in several areas, most notably for Modern Authentication and MFA (nice!), and includes new management capabilities for Applications and Certificate Authority through PowerShell. For a full list of all available CMDlets and how to use them, see the Azure AD PowerShell reference documentation.

The PowerShell module has changed from MSONLINE to AZUREADPREVIEW. With GA, probably it will be called AZUREAD. The part in the noun of the PowerShell CMDlet has changed from MSOL to AzureAD. So where e.g. an existing cmdlet was named “New-MSOLUser”, which adds a new user to the directory, the new cmdlet’s name is “New-AzureADUser. The parameters for the new CMDlets sometimes changed as well. As CMDlets are in close alignment with the Graph API functionality, the names of objects and parameters are as close as possible to what is used in Graph API. An overview of Azure AD Graph API functionality can be found here: Getting started with Graph API

New functionality in Azure AD PowerShell

  • Using the -SearchString parameter. This parameter allows you to search for data in your directory based on a matching string value. The SearchString search scope for users currently covers the attributes “City”, “Country”, “Department”, “DisplayName”, “JobTitle”, “Mail”, “mailNickName”, “State”, and “UserPrincipalName. This is similar to an ANR (Ambigious Name Resolution) Search in ADDS.

  • Managing Token Lifetime policy settings. You can now manage Token Lifetime settings in your directory and that will support operations on Policy, ServicePrincipalPolicy and PolicyAppliedObject objects. More information and examples for this functionality can be found here.

  • Managing Certificate Authority using Powershell for Azure AD. New CMDlets have been made available. For that see this

  • Managing Applications, Application Extension Properties, Application Owners and Application Key Credentials in Azure AD using PowerShell. New CMDlets have been made available. For that see this

More Information:

* This posting is provided "AS IS" with no warranties and confers no rights!
* Always evaluate/test yourself before using/implementing this!
############### Jorge’s Quest For Knowledge #############
######### ########

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.

%d bloggers like this: