Category Archives: PowerShell

Microsoft Graph PowerShell Tips and Tricks, Part 4: What you need to know about Microsoft Graph PowerShell SDK v2

The AzureAD, MSOnline and AzureADPreview PowerShell modules are scheduled for deprecation. The schedule has changed a couple of times. To be prepared, admins should get going with the new Microsoft Graph PowerShell SDK module. However, the Microsoft Graph PowerShell SDK works differently. There's a learning curve that has proven steep. Many admins who have walked […]


HOWTO: Programmatically add a Microsoft Defender for Identity Action Account to Active Directory

Microsoft provides guidance for Managing action accounts for Microsoft Defender for Identity, but this documentation is severely lacking from my point of view: It actually lacks the information on creating the actual group Managed Service Account (gMSA) for the action account, itself. It provides guidance to delegating permissions in Active Directory to an individual account, […]


An overview of Azure AD Connect’s PowerShell Modules and Cmdlets

Azure AD Connect is Microsoft’s free Hybrid Identity bridge product to synchronize objects and their attributes from on-premises Active Directory Domain Services (AD DS) environments and LDAP v3-compatible directories to Azure Active Directory. Azure AD Connect needs to be installed on a Windows Server with Desktop Experience, but this does not mean there aren’t some […]


Knowledgebase: You receive error ‘Unable to download’ when you try to install the AzureAD or MSOnline PowerShell Module

For many organizations, the reality is that their on-premises systems need to communicate to Microsoft cloud services. Whether it is for Azure AD Connect, Azure AD Connect Health, Azure AD Password Protection, or the Azure MFA NPS extension, you’ll need to install either or both the MSOnline or AzureAD PowerShell modules. On Windows Server 2016-based […]


The state of Azure AD PowerShell today

Currently, there’s four Windows PowerShell modules to manage settings and objects in Microsoft’s Azure Active Directory: MSOnline AzureAD AzureADPreview AzureAD.Standard.Preview           MSOnline The MSOnline Module, with its *-MSOL* cmdlets, was the first Windows PowerShell Module for Azure Active Directory. It started life as a PowerShell Module to manage all Microsoft Online Services, hence the name. […]


Getting to know the colleagues using Azure Multi-Factor Authentication

On this blog, and in several other places, I’ve shared my experiences with Azure Multi-Factor Authentication. While this information meanly focuses on the on-premises Azure Multi-Factor Authentication Server, I did encounter the occasional implementation of the cloud-based Azure Multi-Factor Authentication. For one such implementation, I had the pleasure of migrating it from the cloud to […]


Why the Azure Active Directory Windows PowerShell Module is good news

Last week, Microsoft announced a new preview version of the Azure Active Directory Windows PowerShell Module. This is good news! Let me tell you why.   About the Azure AD PowerShell Module Using the Azure Active Directory Windows PowerShell Module, Azure AD Admins can manage several aspects of Azure Active Directory for their organizations and/or […]


Knowledgebase: How to check if your Azure Active Directory Tenant has a DirSync or AADSync installation syncing to it

Today, I ran into an issue, where the people I was talking to couldn’t tell me if their Azure Active Directory tenant had one or more Directory Synchronization Tool (DirSync) or Azure Active Directory Sync Tool (AADSync) installations associated with it. Additionally, these people showed me an Azure Active Directory Sync Tool (AADSync) installation, but […]


KnowledgeBase: Install-ADCSCertificationAuthority fails without a network adapter present

An issue has been identified in situations where you would configure a Windows Server installation as an Offline Root Certification Authority (CA). The Install-ADCSCertificationAuthority Windows PowerShell Cmdlet would error out, while you could achieve the scenario without problems using the Graphical User Interface (GUI).    The situation In multi-tier Public Key Infrastructure (PKI) implementations, you […]


Using the new Active Directory PowerShell Cmdlets on down-level and module-less systems

Last week, we discussed the new Active Directory Domain Services-related PowerShell Cmdlets in Windows Server 2012 R2. In the requirements I mentioned that you needed at least one system with the Windows Server 2012 R2 or Windows 8.1 version of the Active Directory Module for Windows PowerShell feature installed. However, as Aleksandar Nikolic (PowerShell MVP) […]