Last week, Microsoft announced a new preview version of the Azure Active Directory Windows PowerShell Module.
This is good news! Let me tell you why.
About the Azure AD PowerShell Module
Using the Azure Active Directory Windows PowerShell Module, Azure AD Admins can manage several aspects of Azure Active Directory for their organizations and/or customers.
Microsoft has made versions of the MSOnline Windows PowerShell Module available for public download for a while, now. This Windows PowerShell Module comes in two variants:
- version 1.0.9031.1, released March 2016
downloadable from Microsoft Download Center
- version 184.108.40.206, released June 2016
downloadable from Microsoft Connect, after registration
The latest 32-bit version of the Azure Active Directory Windows PowerShell Module is version 1.0.8362.1, released on January 2015. 32-bit support has since been deprecated.
The good news on Azure AD PowerShell Module version 2
The version released into preview, today, is dubbed version 2 and it supersedes the previous two versions currently available. Officially, under the covers, the version number is version 220.127.116.11.
More frequent updates
Microsoft promises to release more frequently, than they did previously.
When the version numbers are any indication, the Azure AD Connect playbook seem to be followed and this might mean we go from semi-yearly releases to semi-monthly releases.
While it’ll mean that you’d see updates to the PowerShell Module more often, it also means you’ll see bug fixes and new functionality more often, too.
This is especially helpful to organizations on the bleeding edge of technology, but might not be the most convenient situation to be in for organization with longer adoption cycles. However, I’m confident the team will be gracious with their support statements.
Alignment with Microsoft Graph API
From a development point of view, the ‘old’ Azure Active Directory Windows PowerShell Module didn’t make much sense. When we look at Brian Arkills Azure AD Technical Diagram, we see that the ‘old’ Azure Active Directory Windows PowerShell Module communicates with Azure AD’s PowerShell API as its backend.
The ‘new’ Azure Active Directory Windows PowerShell Module will closely align with the Graph API, and, thus, offer many of the benefits the Graph API has to offer.
If you want to learn more about Microsoft Graph API, I feel this article provides a fair introduction to get started with the Graph Explorer on graph.microsoft.io.
AzureAD instead of MSOL
A big change, that will impact all current script (repositories) is the fact that the ‘new’ Azure Active Directory Windows PowerShell Module released into preview last week, uses AzureAD as the keyword, opposed to MSOL.
So where e.g. an ‘old’ Azure Active Directory Windows PowerShell Cmdlet was named New-MSOLUser, to add a new user to the directory, the ‘new’ Azure Active Directory Windows PowerShell Cmdlet’s name is New-AzureADUser.
When you think a simple Search and Replace in PowerShell ISE or Notepad is all it takes to get your script (repository) to the ‘new’ Azure Active Directory Windows PowerShell Cmdlet, you’re in for another surprise: the parameters for some of the Cmdlets in the ‘new’ Azure Active Directory Windows PowerShell Module has changed as well.
It has to do with the same alignment with the Graph API and keeping the names of objects and parameters as close as possible to the names and objects in the Graph API. I welcome this change, because it means less ‘translations’ for objects and attributes between the various systems involved (Active Directory object attributes vs. Azure AD Connect Metaverse object properties vs. LDAP object properties, etc.).
Organizations leveraging a (signed) script repository, of course, need to invest in life cycle management for their scripts too, but in my opinion, this should’ve been part of the functionality of the script repository: Perhaps choosing for that ‘manual’ approach, because ‘Microsoft doesn’t release versions often’, wasn’t the brightest idea, though.
The new Azure AD PowerShell Module, that is now released as version 18.104.22.168 is a new direction for managing Azure Active Directory through code.
While at first, the change might break stuff in your environment, or demand further processes within your organization, in the long run this is the way to go.
Azure AD PowerShell: Public Preview
Azure Active Directory preview cmdlets for group management
Using Azure PowerShell with Azure Resource Manager
Azure Active Directory PowerShell Module – Version 1.0
How to install and configure Azure PowerShell
Why it is a good idea you are breaking our scripts????
God damm it… Is it at all worth spending time on interfacing with Azure, if it changes afterwards. What happened with backwards compatibility.