Why the Azure Active Directory Windows PowerShell Module is good news

Reading Time: 3 minutes

Windows PowerShellLast week, Microsoft announced a new preview version of the Azure Active Directory Windows PowerShell Module.

This is good news! Let me tell you why.

 

About the Azure AD PowerShell Module

Using the Azure Active Directory Windows PowerShell Module, Azure AD Admins can manage several aspects of Azure Active Directory for their organizations and/or customers.

Microsoft has made versions of the MSOnline Windows PowerShell Module available for public download for a while, now. This Windows PowerShell Module comes in two variants:

Note:
The latest 32-bit version of the Azure Active Directory Windows PowerShell Module is version 1.0.8362.1, released on January 2015. 32-bit support has since been deprecated.

 

The good news on Azure AD PowerShell Module version 2

The version released into preview, today, is dubbed version 2 and it supersedes the previous two versions currently available. Officially, under the covers, the version number is version 1.1.143.0.

 

More frequent updates

Microsoft promises to release more frequently, than they did previously.
When the version numbers are any indication, the Azure AD Connect playbook seem to be followed and this might mean we go from semi-yearly releases to semi-monthly releases.

While it’ll mean that you’d see updates to the PowerShell Module more often, it also means you’ll see bug fixes and new functionality more often, too.

This is especially helpful to organizations on the bleeding edge of technology, but might not be the most convenient situation to be in for organization with longer adoption cycles. However, I’m confident the team will be gracious with their support statements.

 

Alignment with Microsoft Graph API

From a development point of view, the ‘old’ Azure Active Directory Windows PowerShell Module didn’t make much sense. When we look at Brian Arkills Azure AD Technical Diagram, we see that the ‘old’ Azure Active Directory Windows PowerShell Module communicates with Azure AD’s PowerShell API as its backend.

The ‘new’ Azure Active Directory Windows PowerShell Module will closely align with the Graph API, and, thus, offer many of the benefits the Graph API has to offer.

Tip!
If you want to learn more about Microsoft Graph API, I feel this article provides a fair introduction to get started with the Graph Explorer on graph.microsoft.io.

 

AzureAD instead of MSOL

A big change, that will impact all current script (repositories) is the fact that the ‘new’ Azure Active Directory Windows PowerShell Module released into preview last week, uses AzureAD as the keyword, opposed to MSOL.

So where e.g. an ‘old’ Azure Active Directory Windows PowerShell Cmdlet was named New-MSOLUser, to add a new user to the directory, the ‘new’ Azure Active Directory Windows PowerShell Cmdlet’s name is New-AzureADUser.

When you think a simple Search and Replace in PowerShell ISE or Notepad is all it takes to get your script (repository) to the ‘new’ Azure Active Directory Windows PowerShell Cmdlet, you’re in for another surprise: the parameters for some of the Cmdlets in the ‘new’ Azure Active Directory Windows PowerShell Module has changed as well.

It has to do with the same alignment with the Graph API and keeping the names of objects and parameters as close as possible to the names and objects in the Graph API. I welcome this change, because it means less ‘translations’ for objects and attributes between the various systems involved (Active Directory object attributes vs. Azure AD Connect Metaverse object properties vs. LDAP object properties, etc.).

Organizations leveraging a (signed) script repository, of course, need to invest in life cycle management for their scripts too, but in my opinion, this should’ve been part of the functionality of the script repository: Perhaps choosing for that ‘manual’ approach, because ‘Microsoft doesn’t release versions often’, wasn’t the brightest idea, though.

 

Concluding

The new Azure AD PowerShell Module, that is now released as version 1.1.143.0 is a new direction for managing Azure Active Directory through code.

While at first, the change might break stuff in your environment, or demand further processes within your organization, in the long run this is the way to go.

Further reading

Azure AD PowerShell: Public Preview    
Azure Active Directory preview cmdlets for group management 
Using Azure PowerShell with Azure Resource Manager 
Azure Active Directory PowerShell Module – Version 1.0 
How to install and configure Azure PowerShell

One Response to Why the Azure Active Directory Windows PowerShell Module is good news

  1.  

    Why it is a good idea you are breaking our scripts????

    God damm it… Is it at all worth spending time on interfacing with Azure, if it changes afterwards. What happened with backwards compatibility.

leave your comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.